juched
Very Senior Member
Thank you.
Much appreciated.
What line do I need to run to disable the adblock? Or do I need to uninstall and install again UnBound?
Run i command again and skip Adblock.
Sent from my iPhone using Tapatalk
Thank you.
Much appreciated.
What line do I need to run to disable the adblock? Or do I need to uninstall and install again UnBound?
Apr 1 14:31:28 rc_service: service 15259:notify_rc restart_dnsmasq
Apr 1 14:31:29 custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq)
Apr 1 14:31:30 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
Apr 1 14:31:31 Diversion: is disabled, no services started
Apr 1 14:31:31 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
Apr 1 14:31:57 (unbound_manager.sh): 15986 Starting Script Execution (easy)
Apr 1 14:47:58 Diversion: Starting Entware and Diversion services on /tmp/mnt/USB
Apr 1 14:47:58 S02haveged: Starting Haveged entropy /opt/etc/init.d/S02haveged
Apr 1 14:47:58 haveged: haveged starting up
Apr 1 14:47:58 admin: Started haveged from /jffs/scripts/post-mount.
Apr 1 14:47:58 rc_service: service 785:notify_rc restart_dnsmasq
Apr 1 14:47:58 rc_service: hotplug 583:notify_rc restart_nasapps
Apr 1 14:47:58 rc_service: waitting "restart_dnsmasq" via ...
Apr 1 14:47:58 custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq)
Apr 1 14:47:59 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
Apr 1 14:47:59 Diversion: enabling services after unmount
Apr 1 14:48:02 Diversion: restarted Dnsmasq to apply settings
I just uninstalled unbound with "z" and then "Y".
Then I saw two red lines with "no files in ..../.../unbound" (or something like this)
After a restart I thought unbound was gone, but I figured out it's still running.
The menu(7) in amtm is gone.Code:Apr 1 14:31:28 rc_service: service 15259:notify_rc restart_dnsmasq Apr 1 14:31:29 custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq) Apr 1 14:31:30 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf) Apr 1 14:31:31 Diversion: is disabled, no services started Apr 1 14:31:31 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound..... Apr 1 14:31:57 (unbound_manager.sh): 15986 Starting Script Execution (easy)
What can I do to properly uninstall unbound?
Edit:
Via amtm I started "7" and then chose "z" again to uninstall. No success, see haveged.
Code:Apr 1 14:47:58 Diversion: Starting Entware and Diversion services on /tmp/mnt/USB Apr 1 14:47:58 S02haveged: Starting Haveged entropy /opt/etc/init.d/S02haveged Apr 1 14:47:58 haveged: haveged starting up Apr 1 14:47:58 admin: Started haveged from /jffs/scripts/post-mount. Apr 1 14:47:58 rc_service: service 785:notify_rc restart_dnsmasq Apr 1 14:47:58 rc_service: hotplug 583:notify_rc restart_nasapps Apr 1 14:47:58 rc_service: waitting "restart_dnsmasq" via ... Apr 1 14:47:58 custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq) Apr 1 14:47:59 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf) Apr 1 14:47:59 Diversion: enabling services after unmount Apr 1 14:48:02 Diversion: restarted Dnsmasq to apply settings
opkg remove haveged
server:
include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives
include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives
include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives
I'll take a look at the duplicate 'include:' issue.@Martineau believe I found an issue (or maybe two).
When using unbound.postconf (and maybe from unbound.conf.add), I am finding that multiple lines are being added to my unbound.conf, also, the changes made my postconf are permanent, meaning that you need to re-download to get the original back.
Code:server: include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives
Perhaps unbound.conf should be downloaded and kept as a copy, then during boot copy it, insert .add and apply postconf. Right now the only copy of unbound.conf is gone once you mess it up with a bad postconf.
Don't ask how I know
@Martineau believe I found an issue
When using unbound.postconf (and maybe from unbound.conf.add), I am finding that multiple lines are being added to my unbound.conf, also, the changes made my postconf are permanent, meaning that you need to re-download to get the original back.
Code:server: include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives include: "/opt/share/unbound/configs/unbound.conf.add" # Custom server directives
e = Exit Script
A:Option ==> u
But by appending to the end of the file, the include will be outside the server: section and may not work as before if it includes server: options. I don’t know if it’s valid to have a second server: section or not, but you might consider just including the statement at the end of server: before remote-control:. Then any options can be used as long as the server ones appear first.Also, rather than enforce the use of scripting (i.e. 'unbound.postconf') to replace existing directives in 'unbound.conf', allow 'unbound.conf.add' to advantageously/conveniently override existing values by appending the 'include: unbound.conf.add' directive to the end of 'unbound.conf' rather than at the beginning.
RTFM ?But by appending to the end of the file, the include will be outside the server: section and may not work as before if it includes server: options. I don’t know if it’s valid to have a second server: section or not, but you might consider just including the statement at the end of server: before remote-control:. Then any options can be used as long as the server ones appear first.
RTFM ?
unbound_manager v3.00 Beta (use 'uf dev' command to try it) includes NEW: Duplicate directives Alert feature.
Originally I assumed 'unbound.conf.add' would be used to insert unique statements, and for more advanced users, they would ideally use the 'unbound.postconf' script to replace/delete directives.Just to be clear, this means that from now on we can simply specify server: and the server items we want to add/override, and your script will insert it at the end, and the last item specified wins?
Seems the following items are supported to be duplicated:
- server:
- access-control:
- private-address:
- domain-insecure:
- forward-addr:
- include:
- interfaces:
- outgoing-interface:
--- edit ----
sorry, looking closer it seems you output the server: portion automatically. So, just server: is supported, and it adds it to the end.
Also, I see that I missed yesterday that there is a "reset.conf" and "user.conf". Reset seems to be the original, as I had asked, so you had already thought of that. What is the purpose of user.conf? Just a backup?
--- edit 2 ----
Confirmed from the code user.conf is a backup.
I can also confirm that I have moved all my postconf script replacement and deletions to my .conf.add and it inserted into the end and overrides those settings well. Much simplier.
So, to what this means is that any items you want to set under "server:" directive, you can do by adding to the unbound.conf.add file, and it will work.
Originally I assumed 'unbound.conf.add' would be used to insert unique statements, and for more advanced users, they would ideally use the 'unbound.postconf' script to replace/delete directives.
However, didn't someone say nah!, learn vi to edit the configs files directly (remembering to take judicious backups of course) so no need for these advanced features to be available in the script.
Fortunately (unlike say dnsmasq) unbound appears to tolerate duplicate directives and 'last one wins', so it makes sense to move 'unbound.conf.add' to the end of 'unbound.conf' with the beneficial side effect that you may wish to add/overide non-'server:' directives, but to make the new implementation backwards compatible, I decided it was prudent to include the 'server:' header....just in case!
During the initial install, 'reset.conf' is the 'unbound.conf' downloaded from Github, and 'user.conf' is the modified 'unbound.conf' resulting from the user replying 'y' to the Option prompts.
(If no advanced options are selected, then 'user'.conf' is identical to 'reset.conf')
Does it make sense to have a separate thread for your unbound.conf project?A little bit of learning and playing seems to keep expanding and expanding.
Keep up the great work man, if you need any one to test and collaborate your findings, just give a shout out.Thanks, makes sense. I am now using this method (instead of postconf) to change the port to 53 and some other settings I want to stick after update (like use-syslog).
That, and my dnsmasq.conf.add to set port to 0, and now my network talks directly to unbound. This allows my stats page to show which clients are making which requests.
A little bit of learning and playing seems to keep expanding and expanding.
Is there a point of or is it possible to use unbound & inbuilt DoT together. My DoT is enabled with cloudfare servers and I'm wondering if it is doing anything?
You must be seeing dns traffic somewhere. Try:@bluzfanmr1 I did & it shows no traffic on both port 53 & 853. Screen shot of config page attached.
tcpdump -i $(nvram get wan0_ifname) -n port 853
tcpdump -i $(nvram get wan0_ifname) -n port 53
Yeah 2nd command show something but still nothing on port 853, see below. Maybe my set up is weird as I connect the Asus to a Fibre ONT & under IPTV I have to set VID 10 in Internet tab.You must be seeing dns traffic somewhere. Try:
Maybe eth0 isn’t your WAN port name.Code:tcpdump -i $(nvram get wan0_ifname) -n port 853 tcpdump -i $(nvram get wan0_ifname) -n port 53
Did you choose the stubby integration in Unbound Manager? Otherwise Unbound is overriding Stubby.Yeah 2nd command show something but still nothing on port 853, see below. Maybe my set up is weird as I connect the Asus to a Fibre ONT & under IPTV I have to set VID 10 in Internet tab.
23:16:35.213832 IP WAN IP.telstraclear.net.59822 > one.one.one.one.domain: 25894+ PTR? 1.1.1.1.in-addr.arpa. (38)
00:00:00.720471 IP one.one.one.one.domain > WAN IP.telstraclear.net.59822: 25894 1/0/0 PTR one.one.one.one. (87)
00:00:00.718261 IP ns4.google.com.domain > WAN IP.telstraclear.net.39946: 41910*- 1/0/1 A 172.217.1.99 (58)
23:16:36.803586 IP WAN IP.telstraclear.net.64063 > ns3.google.com.domain: 24259% [1au] A? cdn.ampproject.org. (47)
23:16:36.804018 IP WAN IP.telstraclear.net.46182 > one.one.one.one.domain: 43574+ PTR? 10.36.239.216.in-addr.arpa. (44)
00:00:00.759467 IP one.one.one.one.domain > WAN IP.telstraclear.net.46182: 43574 1/0/0 PTR ns3.google.com. (98)
00:00:00.760121 IP ns3.google.com.domain > WAN IP.telstraclear.net.64063: 24259*- 2/0/1 CNAME cdn-content.ampproject.org., A 216.58.196.129 (89)
23:16:36.971698 IP WAN IP.telstraclear.net.14750 > ns4.google.com.domain: 4435% [1au] A? cdn-content.ampproject.org. (55)
00:00:00.774990 IP ns4.google.com.domain > WAN IP.telstraclear.net.14750: 4435*- 1/0/1 A 216.58.196.129 (71)
23:16:42.033104 IP WAN IP.telstraclear.net.15657 > ns-779.awsdns-33.net.domain: 31521% [1au] A? api.smartthings.com. (48)
No I did not. So how do I change it now in unbound so DoT works?Did you choose the stubby integration in Unbound Manager? Otherwise Unbound is overriding Stubby.
It’s also important to run the tcpdump as I amended with -n to avoid additional lookups by the router to resolve names of the IPs being “dumped”.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!