It doesn't have any detrimental effect if you do enable it.I'm also running Skynet.
Do you recommend turning on DNS firewall in unbound_manager?
So since they generate their list every 5 mins, andUnbound - unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server) - General questions / discussion thread 2
whats the differenz from default to 24 hours ?www.snbforums.com
unbound
retrieves it using (@juched's script) every 15 mins, the idea is that to combat immediate phishing attacks and eliminate DNS-hijacking, they provide a dynamic hit-list of current (almost real-time) bad-guys.It doesn't have any detrimental effect if you do enable it.
There is a link in this post to URLHaus, as well as explaining briefly why they promote a DNS Firewall
So since they generate their list every 5 mins, andunbound
retrieves it using (@juched's script) every 15 mins, the idea is that to combat immediate phishing attacks and eliminate DNS-hijacking, they provide a dynamic hit-list of current (almost real-time) bad-guys.
Now you could argue that if you configure Skynet to refresh its Blacklist every 15 mins would that have the same protection?
Shell scripts themselves rarely seg-fault (although not saying my scripts wouldn't), and usually it's the Entware stuff that is borked - lib version mismatch etc.I am having an issue after uninstall and subsequent reboot
Tried re-install and get a segmentation fault on install after the question 'Do you want to ENABLE unbound logging? (NO recommended)'.
Anything I enter at this prompt gives the segmentation error
Tried uninstall but still seeing this error
Its now not showing on amtm,is there a potential directory/file(s) that could be left behind ?
HELP !!!
unbound_manager
GUI then option '2 /z'
should remove ALL traces.... even if it isn't showing as installed and it shouldn't seg-fault.opkg --force-depends --force-removal-of-dependent-packages remove unbound-checkconf unbound-control-setup unbound-control unbound-anchor unbound-daemon
/opt/var/lib/unbound/adblock
/opt/var/lib/unbound
/jffs/addons/unbound
/opt/etc/init.d/S61unbound
cru l
sed -i '/[Uu]nbound_/d' /jffs/scripts/services-start
sed -i '/[Uu]nbound_/d' /jffs/scripts/service-event
sed -i '/[Uu]nbound_/d' /jffs/scripts/service-event-end
All I can suggest is that you nuke Entware, reinstall Entware and retryThis is a strange one
For the manual uninstall nothing was there from your manual steps which is confirmed when I run amtm no. 7 unbound - missing
But again on the first question and selecting 1 to install on logging, i get Segmentation Error Fatal
But in amtm it shows its installed but upon entry I get the same error.
I have uninstalled and restarted
unbound_manager
.Segmentation fault
Segmentation fault
***ERROR INVALID unbound configuration - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
or 'e' exit; then issue debug command
unbound -dv
dmin@RT-AX88U-0D80:/tmp/home/root# unbound -dv
unbound: symbol lookup error: unbound: undefined symbol: edns_strings_delete
Thanks for the tip! I stopped Unbound, updated Entware, and then updated/re-started Unbound. Everything looks good so far.Entware updates released today. Get ready for the problems! Suggest everyone stop Unbound before updating Entware packages.
Well I guess someone has to be firstEntware updates released today. Get ready for the problems! Suggest everyone stop Unbound before updating Entware packages.
Upgrading unbound-host on root from 1.12.0-1 to 1.13.1-1...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-host_1.13.1-1_armv7-2.6.ipk
Upgrading unbound-checkconf on root from 1.12.0-1 to 1.13.1-1...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-checkconf_1.13.1-1_armv7-2.6.ipk
Upgrading unbound-daemon on root from 1.12.0-1 to 1.13.1-1...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-daemon_1.13.1-1_armv7-2.6.ipk
Upgrading unbound-control on root from 1.12.0-1 to 1.13.1-1...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-control_1.13.1-1_armv7-2.6.ipk
Upgrading libunbound on root from 1.12.0-1 to 1.13.1-1...
Downloading http://bin.entware.net/armv7sf-k2.6/libunbound_1.13.1-1_armv7-2.6.ipk
Removing obsolete file /opt/lib/libunbound.so.8.1.10.
Upgrading unbound-anchor on root from 1.12.0-1 to 1.13.1-1...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-anchor_1.13.1-1_armv7-2.6.ipk
Configuring libunbound.
Configuring unbound-host.
unbound_manager
won't restart unbound....+======================================================================+
| Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
| |
| Version 3.23b8 by Martineau |
| |
+======================================================================+[1616535066] unbound-control[9998:0] error: connect: Connection refused for 127.0.0.1 port 953
***ERROR unbound-control - failed'?
unbound is stopped # Version=v1.12b Martineau update (Date Loaded by unbound_manager Tue Mar 23 21:30:21 GMT 2021)
[1616535077] unbound-control[11809:0] error: connect: Connection refused for 127.0.0.1 port 953
[1616535082] unbound-control[12124:0] error: connect: Connection refused for 127.0.0.1 port 953
unbound_manger/unbound
unbound (pid 6260) is running... uptime: 0 Days, 00:07:31 version: 1.13.1 # Version=v1.12 Martineau update (Date Loaded by unbound_manager Tue Mar 23 21:50:57 GMT 2021)
1 = Update unbound files and configuration 5 = Install Ad and Tracker blocker (Ad Block)
2 = Remove unbound/unbound_manager 6 = Install Graphical Statistics GUI Add-on TAB
3 = Stop unbound 7 = Enable DNS Firewall
4 = Show unbound statistics 8 = Install YouTube Ad blocker
9 = Install Safe Search e.g. google.com->forcesafesearch.google.com
? = About Configuration
v = View ('/opt/var/lib/unbound/'unbound.conf)
e = Exit Script [?]
E:Option ==> s
total.num.queries=794 total.num.expired=5 total.requestlist.exceeded=0 total.tcpusage=0
total.num.queries_ip_ratelimited=0 total.num.recursivereplies=108 total.requestlist.current.all=0 msg.cache.count=397
total.num.cachehits=686 total.requestlist.avg=0.199275 total.requestlist.current.user=0 rrset.cache.count=1488
total.num.cachemiss=108 total.requestlist.max=7 total.recursion.time.avg=0.096596 infra.cache.count=403
total.num.prefetch=168 total.requestlist.overwritten=0 total.recursion.time.median=0.0565993 key.cache.count=70
Summary: Cache Hits success=86.00%
I will have to buy a lottery ticket since upgrading Entware late this morning, unbound manager responded fine as usual. On the other hand the fact that Skynet and Scribe were affected until I ran the "Show scribe status", which have fixed the dead syslog=ng, it might be possible that this also have make unbound manager working correctly.Well I guess someone has to be first
Code:Upgrading unbound-host on root from 1.12.0-1 to 1.13.1-1... Downloading http://bin.entware.net/armv7sf-k2.6/unbound-host_1.13.1-1_armv7-2.6.ipk Upgrading unbound-checkconf on root from 1.12.0-1 to 1.13.1-1... Downloading http://bin.entware.net/armv7sf-k2.6/unbound-checkconf_1.13.1-1_armv7-2.6.ipk Upgrading unbound-daemon on root from 1.12.0-1 to 1.13.1-1... Downloading http://bin.entware.net/armv7sf-k2.6/unbound-daemon_1.13.1-1_armv7-2.6.ipk Upgrading unbound-control on root from 1.12.0-1 to 1.13.1-1... Downloading http://bin.entware.net/armv7sf-k2.6/unbound-control_1.13.1-1_armv7-2.6.ipk Upgrading libunbound on root from 1.12.0-1 to 1.13.1-1... Downloading http://bin.entware.net/armv7sf-k2.6/libunbound_1.13.1-1_armv7-2.6.ipk Removing obsolete file /opt/lib/libunbound.so.8.1.10. Upgrading unbound-anchor on root from 1.12.0-1 to 1.13.1-1... Downloading http://bin.entware.net/armv7sf-k2.6/unbound-anchor_1.13.1-1_armv7-2.6.ipk Configuring libunbound. Configuring unbound-host.
unbound_manager
won't restart unbound....
Code:+======================================================================+ | Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) | | | | Version 3.23b8 by Martineau | | | +======================================================================+[1616535066] unbound-control[9998:0] error: connect: Connection refused for 127.0.0.1 port 953 ***ERROR unbound-control - failed'? unbound is stopped # Version=v1.12b Martineau update (Date Loaded by unbound_manager Tue Mar 23 21:30:21 GMT 2021) [1616535077] unbound-control[11809:0] error: connect: Connection refused for 127.0.0.1 port 953 [1616535082] unbound-control[12124:0] error: connect: Connection refused for 127.0.0.1 port 953
LIfe is too short so uninstalledunbound_manger/unbound
Fresh install
Code:unbound (pid 6260) is running... uptime: 0 Days, 00:07:31 version: 1.13.1 # Version=v1.12 Martineau update (Date Loaded by unbound_manager Tue Mar 23 21:50:57 GMT 2021) 1 = Update unbound files and configuration 5 = Install Ad and Tracker blocker (Ad Block) 2 = Remove unbound/unbound_manager 6 = Install Graphical Statistics GUI Add-on TAB 3 = Stop unbound 7 = Enable DNS Firewall 4 = Show unbound statistics 8 = Install YouTube Ad blocker 9 = Install Safe Search e.g. google.com->forcesafesearch.google.com ? = About Configuration v = View ('/opt/var/lib/unbound/'unbound.conf) e = Exit Script [?] E:Option ==> s total.num.queries=794 total.num.expired=5 total.requestlist.exceeded=0 total.tcpusage=0 total.num.queries_ip_ratelimited=0 total.num.recursivereplies=108 total.requestlist.current.all=0 msg.cache.count=397 total.num.cachehits=686 total.requestlist.avg=0.199275 total.requestlist.current.user=0 rrset.cache.count=1488 total.num.cachemiss=108 total.requestlist.max=7 total.recursion.time.avg=0.096596 infra.cache.count=403 total.num.prefetch=168 total.requestlist.overwritten=0 total.recursion.time.median=0.0565993 key.cache.count=70 Summary: Cache Hits success=86.00%
Saw you append, after I updated Entware . Yep the update "borked" Unbound preventing it from restarting. Uninstalled Unbound, re-installed again to recover. Now learnt (hopefully) after two Entware updates which have created Unbound issues creating an uninstall/re-install, shutdown Unbound first!Entware updates released today. Get ready for the problems! Suggest everyone stop Unbound before updating Entware packages.
Never mind - I just read the Unbound Wiki and that explains it.Sorry if this has been asked and answered previously, but when running Unbound and I do a DNS Leak Test, what is the correct response to show that I am not leaking DNS requests?
have you tried the "sgui" command?I have updated to 386.2 last night (have also unmounted my USB drive prior updating) but after a successful reboot, I have noticed that the unbound GUI tab was missing from Addons (even if nothing out of order could be see from the unbound Manager/Installation script) and that it was also no longer listed from scMerlin's WebUI Addons list.
1. I have removed unbound then reinstalled it (plus option 6), still no GUI tab even after two reboots.
View attachment 32771
View attachment 32773
View attachment 32772
2. I have removed Entware and unbound before reinstalling unbound with Entware (plus option 6), still no GUI tab after two more reboots.
Therefore before I erase, reformat my USB drive then reinstall all my addons, is there another less complex solution that could help me to get the unbound GUI tab visible again?
Thanks.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!