Martineau
Part of the Furniture
So until you started using unbound, you have never been able to refer to '192.168.1.112' by name until now?'/etc/dnsmasq.conf' does not contain a hostname
So until you started using unbound, you have never been able to refer to '192.168.1.112' by name until now?'/etc/dnsmasq.conf' does not contain a hostname
unbound+dnsmasq is a stable combination, and if you are not using Ad Block, then I don't see how unbound is seemingly blocking Facebook.I could use some help with facebook being blocked. I don't use unbound adblock or the firewall feature. I followed dnsmasq but nothing was being blocked:
The browser returns the server stopped responding error...
So I turned off Diversion, didn't make a difference, so I turned off unbound and I could access facebook again.
e = Exit Script [?]
A:Option ==> ox log-servfail yes
unbound-control set_option 'log-servfail yes' ok
I haven't tested.So until you started using unbound, you have never been able to refer to '192.168.1.112' by name until now?
Ah OK, many thanksI haven't tested.
the router etc/hosts.dnsmasq stores the hostname and ip address
AC86U merlin 384.17Ah OK, many thanks
P.S. Which router/firmware are you using?
A query for @juched here ..... just doing some reading about local-zone and local data, the documentation says that a local zone contains local data
Code:local-zone: <zone> <type> Configure a local zone. The type determines the answer to give if there is no match from local-data. The types are deny, refuse, static, transparent, redirect, nodefault, typetranspar- ent, inform, inform_deny, inform_redirect, always_transparent, always_refuse, always_nxdomain, noview, and are explained below. After that the default settings are listed. Use local-data: to enter data into the local zone. Answers for local zones are authoritative DNS answers. By default the zones are class IN. local-data: "<resource record string>" Configure local data, which is served in reply to queries for it. The query has to match exactly unless you configure the local-zone as redirect. If not matched exactly, the local-zone type deter- mines further processing. If local-data is configured that is not a subdomain of a local-zone, a transparent local-zone is config- ured. For record types such as TXT, use single quotes, as in local-data: 'example. TXT "text"'.
Would it be better to use a redirect zone for YT ads like the example below, or is it sufficient to just use local data as you have an exact match?
Code:## DnsSpoof of unwanted or restricted sites local-zone: "doubleclick.net" redirect local-data: "doubleclick.net A 10.0.0.111" local-zone: "facebook.com" redirect local-data: "facebook.com A 10.0.0.111"
Im assuming you can get away with just creating a local zone for the adblocking because there will be no matching local data and the nxdomain will be provided as default zone behaviour.
Code:always_nxdomain Like static, but ignores local data and returns nxdomain for the query.
Code:local-zone: "000owamail0.000webhostapp.com" always_nxdomain local-zone: "000tristanprod.free.fr" always_nxdomain local-zone: "005.free-counter.co.uk" always_nxdomain local-zone: "006.free-counter.co.uk" always_nxdomain local-zone: "006.freecounters.co.uk" always_nxdomain local-zone: "007.free-counter.co.uk" always_nxdomain local-zone: "007angels.com" always_nxdomain local-zone: "008.free-counter.co.uk" always_nxdomain local-zone: "008.free-counters.co.uk" always_nxdomain local-zone: "00author.com" always_nxdomain local-zone: "00go.com" always_nxdomain local-zone: "00it.com" always_nxdomain
Thanks for your assistance.glehel@AC86U-VPN:/tmp/home/root# nslookup Zara-Moto-G.SAFENET-AC86U.
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain
Name: Zara-Moto-G.SAFENET-AC86U.
Address 1: 192.168.1.112 Zara-Moto-G
working! I added manual domain line in unbound.conf.localhosts all ip!
'dnsmasq disable' - now correctly identifies IP/Hostname pair when converting dnsmasq localhosts to unbound format
Thanks for the suggestions, everything with dig and debug logging level looked clean as far as I can tell, which is not far. I suspected the browser but it occurred on safari and firefox for iphone, firefox desktop.unbound+dnsmasq is a stable combination, and if you are not using Ad Block, then I don't see how unbound is seemingly blocking Facebook.
You would need to use 'dig', or enable unbound logging with the following 'unbound.conf' directive enabled:
and similarly increase the logging level 'verbosity: X' to debug/verify if/why unbound is failing to resolve the Facebook domains.Code:e = Exit Script [?] A:Option ==> ox log-servfail yes unbound-control set_option 'log-servfail yes' ok
100% working! No error! Thank You!Thanks for your assistance.
I've upload Hotfix
Version=3.11
Github md5=a52ec854a6e06e3e8f2383065f6fc236
Code:'dnsmasq disable' - now correctly identifies IP/Hostname pair when converting dnsmasq localhosts to unbound format
r6.sn-4wg7ln7e.googlevideo.com. IN A 74.125.167.119
r6.sn-4wg7ln7l.googlevideo.com. IN A 74.125.167.119
redirector.googlevideo.com. IN A 74.125.167.119
Seems @juched omitted the expected dash in the hostname grep.Checking the ytadblock file i notice there was a "redirector" domain got in the list... not sure if that's detrimental
EDIT: I think yes... i'm getting video errors ..... maybe some "AwK Fu" required
Code:r6.sn-4wg7ln7e.googlevideo.com. IN A 74.125.167.119 r6.sn-4wg7ln7l.googlevideo.com. IN A 74.125.167.119 redirector.googlevideo.com. IN A 74.125.167.119
I think we can forgive this typo, given he was first to get the feature on Asus routers.Ah .. grep fu then
Yes i removed it and the errors went away.... i wonder if i was the only one affected by this. I clocked up about 50 domains before that got stored. I didn't start unbound, will the fact the local zones are being reloaded every 5 mins take care of that?I think we can forgive this typo, given he was first to get the feature on Asus routers.
You can manually remove the entry and restart unbound, to see if the errors go away.
Yes, but if you're impatient to resume your YouTube viewing , plus, can you rely on my script to have created the cron correctly?Yes i removed it and the errors went away.... i wonder if i was the only one affected by this. I clocked up about 50 domains before that got stored. I didn't start unbound, will the fact the local zones are being reloaded every 5 mins take care of that?
Who can wait for the next instalment of Peppa Pig? ... I see the cron saga was finally laid to rest the with a killer hotfix ....its great to see folks out in the community happy to pour through the code to to look for tiny errors like that.Yes, but if you're impatient to resume your YouTube viewing , plus, can you rely on my script to have created the cron correctly?
Maybe it’s just more interesting than watching Peppa Pig?....its great to see folks out in the community happy to pour through the code to to look for tiny errors like that.
On Android you can use 'dnspipe' by Frostnerd.com.First I would like to thank the amazing job everyone is doing. Thanks to you all and Martineau script unbound is running perfectly for a week now and even better today when I installed youtube ad blocker.
So much so I would like to use unbound as my private dns on my android devides, but I am not sure on how to proceed.
I wonder if there is a way for unbound to listen to the port 853 on WAN, and using the ssl certificates I got with Let's encrypt?
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!