What's new

Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Thanks for the info, so if I decide to use unbound nxdomain, is the recommended way to go is to turn off diversion and pixelserv tls correct?
That is correct, if you decide you still want the blank tiny response that pixelservtls leaves without the big blank nxdomain blobs where the ads use to be , I believe you can run just pixelservtls and alias the responses from unbound to pixelservtls ip address using dnsmasq
 
...
I think the whole process and menu with so many letters and selection is getting cumbersome. Not like for example Skynet which is simple and easy. I think we trying too hard to satisfy 100 % cases. I feel it would be best if we do 80% most common and necessary cases and leave the rest outer cases be left for advanced users using manual config. I appreciate all the work that @Martineau has done. Unbound is a great addition to Merlin firmware but maybe we are doing too many small updates and the menu is getting more and more complex. With complexity comes more testing and issues.

@Martineau - NOT wanting to offend you in any way - you have indeed done an incredible job bringing a complex system to the realm of @thelonelycoder 's "AMTM" ... but that's where so MANY of us non-coders live ... and have probably been thoroughly spoilt by Diversion, Skynet and other add-on "menu" systems.

I personally [due to my own limitations which I suspect are the same for many "Noobs"] struggle with having to repeatedly scan through this thread to hunt down various options not immediately apparent in the current unbound "menu" system [for e.g. "sgui" / "scribe" / "adv" etc].

I simply endorse @Markster 's call for a more "noob" user friendly and sufficiently comprehensive [80% rule?] menu system ... and once again THANK you for bringing unbound to our routers.
 
I personally [due to my own limitations which I suspect are the same for many "Noobs"] struggle with having to repeatedly scan through this thread to hunt down various options not immediately apparent in the current unbound "menu" system [for e.g. "sgui" / "scribe" / "adv" etc].
I do try and show only the most common menu options

Code:
+======================================================================+
|  Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
|                                                                      |
|                      Version 2.18 by Martineau                       |
|                                                                      |
+======================================================================+
unbound (pid 23203) is running... uptime: 0 Days, 12:58:25 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Sun Mar 15 19:36:14 GMT 2020)
1  = Update unbound Installation  ('/opt/var/lib/unbound/')
2  = Update unbound Installation Advanced Mode ('/opt/var/lib/unbound/')
3  = Advanced Tools
e  = Exit Script

E:Option ==> adv

Advanced Menu mode ENABLED


unbound (pid 23203) is running... uptime: 0 Days, 12:59:06 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Sun Mar 15 19:36:14 GMT 2020)
i  = Update unbound Installation ('/opt/var/lib/unbound/')          l  = Show unbound log entries (lo=Enable Logging)
z  = Remove unbound/unbound_manager Installation                    v  = View ('/opt/var/lib/unbound/') unbound Configuration (vx=Edit)
3  = Advanced Tools                                                                                rl = Reload Configuration (Doesn't halt unbound) e.g. 'rl test1[.conf]' (Recovery use 'rl reset/user')
?  = About Configuration                                            oq = Query unbound Configuration option e.g 'oq verbosity' (ox=Set) e.g. 'ox log-queries yes'
rs = Restart (or Start) unbound (use 'rs nocache' to flush cache)   s  = Show unbound statistics (s=Summary Totals; sa=All; sgui=Install GUI TAB; s+=Enable Extended Stats)
e  = Exit Script

A:Option ==> 3


unbound (pid 23203) is running... uptime: 0 Days, 12:59:54 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Sun Mar 15 19:36:14 GMT 2020)
i  = Update unbound Installation ('/opt/var/lib/unbound/')          l  = Show unbound log entries (lo=Enable Logging)
z  = Remove unbound/unbound_manager Installation                    v  = View ('/opt/var/lib/unbound/') unbound Configuration (vx=Edit)
x  = Stop unbound                                                   vb = Backup current (/opt/var/lib/unbound/unbound.conf) Configuration
                                                                    rl = Reload Configuration (Doesn't halt unbound) e.g. 'rl test1[.conf]' (Recovery use 'rl reset/user')
?  = About Configuration                                            oq = Query unbound Configuration option e.g 'oq verbosity' (ox=Set) e.g. 'ox log-queries yes'
sd = Show dnsmasq Statistics/Cache Size                             s  = Show unbound statistics (s=Summary Totals; sa=All; sgui=Install GUI TAB; s+=Enable Extended Stats)
                                                                    fastmenu = Disable SLOW unbound-control LAN SSL cert validation
scribe = Enable scribe (syslog-ng) unbound logging                  ad = Analyse Diversion White/Black lists ([ file_name [type=adblock] ])
                                                                    ew = Edit Ad Block Whitelist (eb=Blacklist; eca=Config-AllowSites; ecb=Config-BlockSites; el {Ad Block file})
dumpcache = [bootrest] (or Manually use restorecache after REBOOT)  ca = Cache Size Optimisation  ([ 'reset' ])
dig = {domain} [time] Show dig info e.g. dig asciiart.com           lookup = {domain} Show the name servers used for domain e.g. lookup asciiart.eu
dnsinfo = {dns} Show DNS Server e.g. dnsinfo                        dnssec = {url} Show DNSSEC Validation Chain e.g. dnssec www.snbforums.com
links = Show list of external URL links

e  = Exit Script

[Enter] Leave Advanced Tools Menu

A:Option ==>

so a little puzzled on your comment
'struggle with having to repeatedly scan through this thread to hunt down various options not immediately apparent in the current unbound "menu" system'

Clearly there is no obligation/need to use the script except for the initial install - given the lack of simple manual instructions.

i.e. the following sequence would suffice for most
Code:
amtm
i
7
1
then for unbound_manager
Code:
1 or i
sgui
I simply endorse @Markster 's call for a more "noob" user friendly and sufficiently comprehensive [80% rule?] menu system
So ideally shouldn't you be complaining to @dave14305, to implement his unbound Configuration GUI?

However, just out of curiosity, what "menu" system would you and @Markster write/present on-screen?

Just type it out and submit a pull-request.
 
Last edited:
What is the best way to view the status of unbound as it is not showing up in the scribe log is there away to enable it?
You can manually
Code:
unbound-control status >> /tmp/syslog.log
or I could push a v2.18 Hotfix to allow you to schedule say a cron job to print it in syslog-ng
Code:
unbound_manager status

unbound (pid 15413) is running... uptime: 0 Days, 00:02:43 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Mon Mar 16 09:20:37 GMT 2020)

Code:
Mar 16 09:40:41 RT-AC68U S61unbound: Starting Unbound DNS server /opt/etc/init.d/S61unbound
Mar 16 09:40:45 RT-AC68U unbound: [15413:0] notice: init module 0: validator
Mar 16 09:40:45 RT-AC68U unbound: [15413:0] notice: init module 1: iterator
Mar 16 09:40:45 RT-AC68U unbound: [15413:0] info: start of service (unbound 1.9.6).
Mar 16 09:40:56 RT-AC68U unbound: [15413:0] info: generate keytag query _ta-4f66. NULL IN
Mar 16 09:43:25 RT-AC68U (unbound_manager): 16633 Starting Script Execution (status)
Mar 16 09:43:26 RT-AC68U (unbound_manager): 16633 unbound (pid 15413) is running... uptime: 0 Days, 00:02:43 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Mon Mar 16 09:20:37 GMT 2020)

Is this what you require?
 
Last edited:
No issues here, update went smooth. For those advanced users needing to be free of menu options, it is recommended to try @rgnldo install method here at this link https://www.snbforums.com/threads/unbound-authoritative-recursive-caching-dns-server.58967/

This is for users who need a complete manual config.

**edit** it appears the instructions have been removed.

I removed the procedures some time ago. It is unreasonable to have two similar topics with the same objective. If you look, there is a link to this thread for a long time. I just wish that many would benefit in some way from Unbound. I had plans to post other solutions on this forum. I gave up. :)
 
Thanks for the info, so if I decide to use unbound nxdomain, is the recommended way to go is to turn off diversion and pixelserv tls correct?

As mentioned the difference is that diversion with pixelserv-tls responds with “yes that domain exists and here is the IP you want” while pointing to pixelserv. Then the client opens a connection and get a single pixel.

In unbound the clients gets “sorry, that domain doesn’t exist”. And the client never tries to open a connection.

It really depends on the client which is better. But adblock detection nowadays can detect both as they typically download JS and set a variable or something like that and both will not do that.

You can see what type of requests are being made from your clients at:

http://[pixelserv ip]/servstats

And look for the different types listed

Code:
nfe	137	# of GET requests for server-side scripting
gif	3	# of GET requests for GIF
ico	0	# of GET requests for ICO
txt	23	# of GET requests for Javascripts
jpg	0	# of GET requests for JPG
png	0	# of GET requests for PNG
swf	0	# of GET requests for SWF
ufe	149	# of GET requests /w unknown file extension


Kvic did some testing a while back now (2017) and at the time the results for performance between using pixelserv and NXDOMAIN was close.

https://kazoo.ga/pixelserv-tls-v2-benchmark/

6ed93ce5d5eee19bddc727c2df4ff644.jpg
 
The error did went away, but I still can't install the adblock option with the script. There was a new message stating that I have Diversion installed, but I never had (I don't see anything in dnsmasq.conf either).
Sorry you have such problems. :oops::oops:

I'll look into the spurious 'Diversion installed' :confused: issue later

EDIT: This is what the script uses to determine if Diversion is ACTIVE, and if any non-blank results are returned, then dnsmasq is running with the Diversion addn-hosts files.
Code:
grep diversion /etc/dnsmasq.conf

addn-hosts=/opt/share/diversion/list/blacklist
addn-hosts=/opt/share/diversion/list/blockinglist
What does it show on your system?
The script ran without user interaction (I had no option to do advanced setup with the ability to choose components)
Hmm perhaps trying to implement the ability (a requested feature) to save time by remembering the current install options is only valid for users running 'Advanced' mode and I should have rejected the request.:(

However, you should be able to always force the option install prompts (in both Easy and Advanced mode) by using
Code:
e  = Exit Script

A:Option ==> i?

Using "adblock install" installed the adblock components

edit: Tried "adblock uninstall" which does not uninstall adblock.
How do you deduce that Ad Block wasn't uninstalled?o_O

There should be no active Ad Block cron job, and its corresponding cron creation directive should have been deleted from 'services-start'

In 'unbound.conf' the Ad Block directive should look like this

'#include: /opt/var/lib/unbound/adblock/adservers'
 
Last edited:
You can manually
Code:
unbound-control status >> /tmp/syslog.log
or I could push a v2.18 Hotfix to allow you to schedule say a cron job to print it in syslog-ng
Code:
unbound_manager status

unbound (pid 15413) is running... uptime: 0 Days, 00:02:43 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Mon Mar 16 09:20:37 GMT 2020)

Code:
Mar 16 09:40:41 RT-AC68U S61unbound: Starting Unbound DNS server /opt/etc/init.d/S61unbound
Mar 16 09:40:45 RT-AC68U unbound: [15413:0] notice: init module 0: validator
Mar 16 09:40:45 RT-AC68U unbound: [15413:0] notice: init module 1: iterator
Mar 16 09:40:45 RT-AC68U unbound: [15413:0] info: start of service (unbound 1.9.6).
Mar 16 09:40:56 RT-AC68U unbound: [15413:0] info: generate keytag query _ta-4f66. NULL IN
Mar 16 09:43:25 RT-AC68U (unbound_manager): 16633 Starting Script Execution (status)
Mar 16 09:43:26 RT-AC68U (unbound_manager): 16633 unbound (pid 15413) is running... uptime: 0 Days, 00:02:43 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Mon Mar 16 09:20:37 GMT 2020)

Is this what you require?
That is what I was referring to.
 
I do try and show only the most common menu options

Code:
+======================================================================+
|  Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
|                                                                      |
|                      Version 2.18 by Martineau                       |
|                                                                      |
+======================================================================+
unbound (pid 23203) is running... uptime: 0 Days, 12:58:25 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Sun Mar 15 19:36:14 GMT 2020)
1  = Update unbound Installation  ('/opt/var/lib/unbound/')
2  = Update unbound Installation Advanced Mode ('/opt/var/lib/unbound/')
3  = Advanced Tools
e  = Exit Script

E:Option ==> adv

Advanced Menu mode ENABLED


unbound (pid 23203) is running... uptime: 0 Days, 12:59:06 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Sun Mar 15 19:36:14 GMT 2020)
i  = Update unbound Installation ('/opt/var/lib/unbound/')          l  = Show unbound log entries (lo=Enable Logging)
z  = Remove unbound/unbound_manager Installation                    v  = View ('/opt/var/lib/unbound/') unbound Configuration (vx=Edit)
3  = Advanced Tools                                                                                rl = Reload Configuration (Doesn't halt unbound) e.g. 'rl test1[.conf]' (Recovery use 'rl reset/user')
?  = About Configuration                                            oq = Query unbound Configuration option e.g 'oq verbosity' (ox=Set) e.g. 'ox log-queries yes'
rs = Restart (or Start) unbound (use 'rs nocache' to flush cache)   s  = Show unbound statistics (s=Summary Totals; sa=All; sgui=Install GUI TAB; s+=Enable Extended Stats)
e  = Exit Script

A:Option ==> 3


unbound (pid 23203) is running... uptime: 0 Days, 12:59:54 version: 1.9.6 # rgnldo Github Version=v1.07 Martineau update (Date Loaded by unbound_manager Sun Mar 15 19:36:14 GMT 2020)
i  = Update unbound Installation ('/opt/var/lib/unbound/')          l  = Show unbound log entries (lo=Enable Logging)
z  = Remove unbound/unbound_manager Installation                    v  = View ('/opt/var/lib/unbound/') unbound Configuration (vx=Edit)
x  = Stop unbound                                                   vb = Backup current (/opt/var/lib/unbound/unbound.conf) Configuration
                                                                    rl = Reload Configuration (Doesn't halt unbound) e.g. 'rl test1[.conf]' (Recovery use 'rl reset/user')
?  = About Configuration                                            oq = Query unbound Configuration option e.g 'oq verbosity' (ox=Set) e.g. 'ox log-queries yes'
sd = Show dnsmasq Statistics/Cache Size                             s  = Show unbound statistics (s=Summary Totals; sa=All; sgui=Install GUI TAB; s+=Enable Extended Stats)
                                                                    fastmenu = Disable SLOW unbound-control LAN SSL cert validation
scribe = Enable scribe (syslog-ng) unbound logging                  ad = Analyse Diversion White/Black lists ([ file_name [type=adblock] ])
                                                                    ew = Edit Ad Block Whitelist (eb=Blacklist; eca=Config-AllowSites; ecb=Config-BlockSites; el {Ad Block file})
dumpcache = [bootrest] (or Manually use restorecache after REBOOT)  ca = Cache Size Optimisation  ([ 'reset' ])
dig = {domain} [time] Show dig info e.g. dig asciiart.com           lookup = {domain} Show the name servers used for domain e.g. lookup asciiart.eu
dnsinfo = {dns} Show DNS Server e.g. dnsinfo                        dnssec = {url} Show DNSSEC Validation Chain e.g. dnssec www.snbforums.com
links = Show list of external URL links

e  = Exit Script

[Enter] Leave Advanced Tools Menu

A:Option ==>

so a little puzzled on your comment
'struggle with having to repeatedly scan through this thread to hunt down various options not immediately apparent in the current unbound "menu" system'

Clearly there is no obligation/need to use the script except for the initial install - given the lack of simple manual instructions.

i.e. the following sequence would suffice for most
Code:
amtm
i
7
1
Code:
1 or i
sgui

So ideally shouldn't you be complaining to @dave14305, to implement his unbound Configuration GUI?

However, just out of curiosity, what "menu" system would you and @Markster write/present on-screen?

Just type it out and submit a pull-request.
My only reservations about the menu are from my lack of desire to tinker with my ssh terminal settings for the best viewers experience :p. Everything else works great. @Martineau has done a great job.
 
Precisely which 'stats' metrics are you referring to?

I suggest you spend some time studying my metrics I posted here.

In summary, the left-most column will always be reset to zero, whereas the right-most column should remain quite close to the pre-restart values (although it appears some internal housekeeping occurs, to presumably flush stale cache entries).

@Martineau

Are you using the default unbound.conf settings to get that 96% cache hit rate?

Also, is there are way to get the menu to show the options all in a row instead of half showing on the left side and half on the right side as seen below? Is this a setting on my end that I need to change?

upload_2020-3-16_8-18-58.png
 
Are you using the default unbound.conf settings to get that 96% cache hit rate?
The high cache hit rate is probably because the router I'm using to test on is isolated behind the main router, so probably the only site referenced from the test router is this forum! i.e. no troublesome family members searching the internet for shoes/frocks/funny cat pics/videos etc. ;)
Also, is there are way to get the menu to show the options all in a row instead of half showing on the left side and half on the right side as seen below? Is this a setting on my end that I need to change?
You could try changing the screen width if that is what you mean to prevent truncation of the right-hand column of menu items?
see the GitHub documentation here
 
NOTE: All text in italics are @Markster's

Suggested solution for basic Menu setup.

Unbound Menu
Code:
1. Status - Started (Stop)
2. Show Stats
3. AdBlock Enabled (Disable)
4. Update Unbound
5. Install Unbound
6. Uninstall
"Note that selection 1 and 3 are toggles.

For advanced users they can use provided unbound-control commands to perform many functions. Also, editing unbound.conf can be performed outside of the menu with nano or vi. Users would then either perform unbound-control start|stop or use this menu.

Unbound already comes with prebuild utility to perform many function and the idea is that we provide Menu for "basic" users.

I believe this simple menu would satisfy 80-90% of users requirements."

If there are no objections, I'll push the dumbed down version later tonight.
 
NOTE: All text in italics are @Markster's

Suggested solution for basic Menu setup.

Unbound Menu
Code:
1. Status - Started (Stop)
2. Show Stats
3. AdBlock Enabled (Disable)
4. Update Unbound
5. Install Unbound
6. Uninstall
"Note that selection 1 and 3 are toggles.

For advanced users they can use provided unbound-control commands to perform many functions. Also, editing unbound.conf can be performed outside of the menu with nano or vi. Users would then either perform unbound-control start|stop or use this menu.

Unbound already comes with prebuild utility to perform many function and the idea is that we provide Menu for "basic" users.

I believe this simple menu would satisfy 80-90% of users requirements."

If there are no objections, I'll push the dumbed down version later tonight.

I like dumb.....and appreciate all of the effort to make it so.....:)
 
@ika I have pushed a v2.18 Hotfix - think I found the two bugs.
 
NOTE: All text in italics are @Markster's

Suggested solution for basic Menu setup.

Unbound Menu
Code:
1. Status - Started (Stop)
2. Show Stats
3. AdBlock Enabled (Disable)
4. Update Unbound
5. Install Unbound
6. Uninstall
"Note that selection 1 and 3 are toggles.

For advanced users they can use provided unbound-control commands to perform many functions. Also, editing unbound.conf can be performed outside of the menu with nano or vi. Users would then either perform unbound-control start|stop or use this menu.

Unbound already comes with prebuild utility to perform many function and the idea is that we provide Menu for "basic" users.

I believe this simple menu would satisfy 80-90% of users requirements."

If there are no objections, I'll push the dumbed down version later tonight.
I think we need to keep advanced menu
 
NOTE: All text in italics are @Markster's

Suggested solution for basic Menu setup.

Unbound Menu
Code:
1. Status - Started (Stop)
2. Show Stats
3. AdBlock Enabled (Disable)
4. Update Unbound
5. Install Unbound
6. Uninstall
"Note that selection 1 and 3 are toggles.

For advanced users they can use provided unbound-control commands to perform many functions. Also, editing unbound.conf can be performed outside of the menu with nano or vi. Users would then either perform unbound-control start|stop or use this menu.

Unbound already comes with prebuild utility to perform many function and the idea is that we provide Menu for "basic" users.

I believe this simple menu would satisfy 80-90% of users requirements."

If there are no objections, I'll push the dumbed down version later tonight.
If this removes the "advance menu" there should be some type of option that provides a dialogue to what options are no longer available so users can still know what to modify that is no longer available via the menu as some users have already invested much into using the advance menu and to simply go backwards creates an issue as well. The other issue is that with this argument for simplification, we could just repost @rgnldo install instructions and abandon the manager all together because that is what this seems to be about.
 
Last edited:

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top