Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)
- Thread starter Martineau
- Start date
Martineau,
Thanks ... I have just updated to v3.0.1 ... all is well so far
. However, I noticed that in unbound_manager (under amtm) when I type my input, such as "u" to update or other input, it gets executed straight away without giving me a chance to hit the "Enter" key
, I thought it will be nice if accepting input field should be consistent for all the scripts within amtm. Thank you for considering.I like the new menu / interaction within unbound_manager, sort of less confusing for me
Thanks!
Martineau
Part of the Furniture
I've uploaded v3.01 and unbound.conf v1.08
(Everyone knows you should avoid a 'vX.00' software release like the proverbial............)
EDIT: If upgrading from v2.18 please follow instruction in post #3
Use of the '1/i = Update unbound Installation' **Optional if already on v3.00** see Change Log
FIX: '2 = Uninstall unbound/unbound_mangler' command leaves orphaned Graphical Statistics TAB, with no way to reinstall in 'Easy' mode.
CHANGE: Improve the comments in 'unbound.conf' - some were misplaced or worded badly etc.
(Everyone knows you should avoid a 'vX.00' software release like the proverbial............)
Version=3.01
Github md5=22e316f94dcbd1a0cbebeb06a330b147
Github md5=22e316f94dcbd1a0cbebeb06a330b147
Use of the '1/i = Update unbound Installation' **Optional if already on v3.00** see Change Log
FIX: '2 = Uninstall unbound/unbound_mangler' command leaves orphaned Graphical Statistics TAB, with no way to reinstall in 'Easy' mode.
CHANGE: Improve the comments in 'unbound.conf' - some were misplaced or worded badly etc.
Last edited:
Centrifuge
Senior Member
Thanks, stats are back in biz, and we're authoritative again. Good work on all of this.
Jack Yaz
Part of the Furniture
Intentional typo? XD
Great stuff, v3.01 running well on my 86U
EDIT: How can I make the advanced menu the default? I can launch unbound_manager advanced from the CLI, but I must be missing a trick to make it persistent...
Martineau
Part of the Furniture
I decided to try and discourage most from using Advanced mode, but touch the appropriate file
Martineau
Part of the Furniture
There is no reason why a noob would need to be regularly camped in front of the 'Easy' menu?
So after the initial unbound install/configuration, probably the only time you would access the 'Easy' menu again would be because amtm directed you there due to a new version of 'update_manager' being available 'u', or to uninstall either of the two optional features or to remove unbound/unbound_manager entirely.
NOTE: Clearly the confirmation 'Are you sure?....' prompts prudently enforce the necessary ENTER key.
Jack Yaz
Part of the Furniture
Got it, working nowI decided to try and discourage most from using Advanced mode, but touch the appropriate file
Thanks!
Martineau
Part of the Furniture
I can't recreate the issue.
Code:
Options: Auto Reply='y' for User Selectable Options ('')
[?] Router Graphical GUI statistics TAB installed
[?] unbound-control FAST response ENABLED
Do you want to KEEP your current unbound configuration? ('20200412-122527_unbound.conf')
Reply 'y' to KEEP or press [Enter] to use new downloaded 'unbound.conf'
y
Reloading 'unbound.conf' status=ok
=======================================================================================================================================================================================
unbound (pid 16962) is running... uptime: 0 Days, 00:00:21 version: 1.10.0 # rgnldo Github Version=v1.08 Martineau update (Date Loaded by unbound_manager Sun Apr 12 12:26:10 DST 2020)
i = Update unbound and configuration ('/opt/var/lib/unbound/') l = Show unbound log entries (lo=Enable Logging)
juched
Very Senior Member
Hello Martineau,
Can I suggest renaming the RPZ Firewall to DNS Firewall? This seems to be the industry name.
Secondly, if I add in a simple check if Unbound is running before calling reload zone, you could use my unbound_rpz.sh to enable this feature by simply downloading and running the script (you have the rpz: in the conf file already. It can be left in the file always without errors if the zone file doesn’t exist in disk. No need for URL: part at this point. Just name, zonefile and maybe log options. )
Uninstall would be to simply remove the cron job and delete that file.
Thoughts?
Can I suggest renaming the RPZ Firewall to DNS Firewall? This seems to be the industry name.
Secondly, if I add in a simple check if Unbound is running before calling reload zone, you could use my unbound_rpz.sh to enable this feature by simply downloading and running the script (you have the rpz: in the conf file already. It can be left in the file always without errors if the zone file doesn’t exist in disk. No need for URL: part at this point. Just name, zonefile and maybe log options. )
Uninstall would be to simply remove the cron job and delete that file.
Thoughts?
Martineau
Part of the Furniture
I've uploaded BETA 'unbound_manager' v3.02 and 'unbound.conf' v1.09 to support your proposal.
Try it out in 'Advanced' menu mode
e.g. update the 'unbound_manager.sh' script
Code:
e = Exit Script
A:Option ==> uf dev
unbound_manager.sh downloaded successfully Github 'dev/development' branch
unbound Manager UPDATE Complete! 22e316f94dcbd1a0cbebeb06a330b147
Code:
e = Exit Script
A:Option ==> i dev
<snip>
Retrieving the 13 InterNIC Root DNS Servers from 'https://www.internic.net/domain/named.cache'.....
######################################################################################################################################################################################## 100.0%
Retrieving Custom unbound configuration
unbound.conf downloaded successfully Github 'dev/development' branch
Checking IPv6.....
Customising unbound configuration Options:
unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf
Shutting down unbound... done.
Starting unbound... done.
Checking status, please wait..... unbound OK
Auto install unbound Customisation complete 0 minutes and 21 seconds elapsed - Please wait for up to 10 seconds for status.....
Code:
e = Exit Script
A:Option ==> firewall
Do you want to enable DNS Firewall?
Reply 'y' or press [Enter] to skip
y
unbound_rpz.sh downloaded successfully Github 'dev/development' branch
rpzsites downloaded successfully Github 'dev/development' branch
Unbound-RPZ.sh - V1.0.1 running...
Attempting to Download 1 of 1 from .
######################################################################## 100.0%
Reload unbound for zone named rpz.urlhaus.abuse.ch
error no auth-zone rpz.urlhaus.abuse.ch
unbound DNS Firewall ENABLED
Code:
e = Exit Script
A:Option ==> ?
Version=3.02
Github md5=22e316f94dcbd1a0cbebeb06a330b147
<snip>
[✔] Router Graphical GUI statistics TAB installed
[✔] unbound-control FAST response ENABLED
[✔] DNS Firewall ENABLED'rpz disable' turns off the 'DNS Firewall'
EDIT: The creation of the cron job in 'services-start' appears to have gone AWOL in your script...could have sworn that it was there before.
Last edited:
Martineau
Part of the Furniture
FYI @juched
Can you look at suppressing the error messages when installing the Statistics GUI TAB:
Can you look at suppressing the error messages when installing the Statistics GUI TAB:
Code:
e = Exit Script
A:Option ==> sgui
unbound-control set_option 'extended-statistics yes' ok
Option Auto Reply 'y'
Installing @juched's GUI TAB to Graphically display unbound stats.....
unbound_stats.sh downloaded successfully
unboundstats_www.asp downloaded successfully
cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory
cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory
Mounting Unbound_Stats.sh WebUI page as user3.asp
Saving MD5 of installed file /jffs/addons/unbound/unboundstats_www.asp to /jffs/addons/unbound/www-installed.md5
Calculated Cache Hit Percentage: 92.13
Adding new value to DB...
Calculating Daily data...
Calculating Weekly and Monthly data...
Outputting histogram performance data...
Outputting answers data...juched
Very Senior Member
I fixed the error message. I also moved rpz script to master, so no need to use dev branch for that to work.
Martineau
Part of the Furniture
D
Deleted member 62525
Guest
This is great. Love the solution.I've uploaded BETA 'unbound_manager' v3.02 and 'unbound.conf' v1.09 to support your proposal.
Try it out in 'Advanced' menu mode
e.g. update the 'unbound_manager.sh' script
and you will need to retrieve the associated 'unbound.conf'Code:e = Exit Script A:Option ==> uf dev unbound_manager.sh downloaded successfully Github 'dev/development' branch unbound Manager UPDATE Complete! 22e316f94dcbd1a0cbebeb06a330b147
I have replaced 'RPZ Firewall' references with 'DNS Firewall'Code:e = Exit Script A:Option ==> i dev <snip> Retrieving the 13 InterNIC Root DNS Servers from 'https://www.internic.net/domain/named.cache'..... ######################################################################################################################################################################################## 100.0% Retrieving Custom unbound configuration unbound.conf downloaded successfully Github 'dev/development' branch Checking IPv6..... Customising unbound configuration Options: unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf Shutting down unbound... done. Starting unbound... done. Checking status, please wait..... unbound OK Auto install unbound Customisation complete 0 minutes and 21 seconds elapsed - Please wait for up to 10 seconds for status.....
Code:e = Exit Script A:Option ==> rpz Do you want to enable DNS Firewall? Reply 'y' or press [Enter] to skip y unbound_rpz.sh downloaded successfully Github 'dev/development' branch rpzsites downloaded successfully Github 'dev/development' branch Unbound-RPZ.sh - V1.0.1 running... Attempting to Download 1 of 1 from . ######################################################################## 100.0% Reload unbound for zone named rpz.urlhaus.abuse.ch error no auth-zone rpz.urlhaus.abuse.ch unbound DNS Firewall ENABLEDCode:e = Exit Script A:Option ==> ? Version=3.02 Github md5=22e316f94dcbd1a0cbebeb06a330b147 <snip> [✔] Router Graphical GUI statistics TAB installed [✔] unbound-control FAST response ENABLED [✔] DNS Firewall ENABLED
'rpz disable' turns off the 'DNS Firewall'
EDIT: The creation of the cron job in 'services-start' appears to have gone AWOL in your script...could have sworn that it was there before.
L&LD
Part of the Furniture
Updated a few routers to the latest unbound_manager and ep (Entware) updates that became available in the last couple of days.
Steps to success outlined below.
HTH.
Steps to success outlined below.
- Assuming amtm v3.16 FW is currently running properly.
- Update unbound_manager to v3.01, 'u'.
- Stop unbound (new option '3').
- Exit to command prompt 'e' and issue the following command.
-
Code:
opkg remove --force-depends libunbound - in amtm update Entware packages with 'ep', Enter, '1', Enter, '1', Enter.
- Go to unbound_manager, '7'.
- Install the latest v3.01 with '1'.
- Don't enable logging (just hit enter).
- Enable optimizations 'y'.
- Don't enable Firefox (just hit enter).
HTH.
I just knew I should have held off, waiting for your guide to appear.Updated a few routers to the latest unbound_manager and ep (Entware) updates that became available in the last couple of days.
Steps to success outlined below.
Done.
- Assuming amtm v3.16 FW is currently running properly.
- Update unbound_manager to v3.01, 'u'.
- Stop unbound (new option '3').
- Exit to command prompt 'e' and issue the following command.
opkg remove --force-depends libunbound- in amtm update Entware packages with 'ep', Enter, '1', Enter, '1', Enter.
- Go to unbound_manager, '7'.
- Install the latest v3.01 with '1'.
- Don't enable logging (just hit enter).
- Enable optimizations 'y'.
- Don't enable Firefox (just hit enter).
HTH.
ColDen
Senior Member
Hi Martineau,
I have also noticed the following additional errors (in red boxes) with my RT-AC86U:
While Unbound seem to be correctly working, I am still wondering if the above reported issues may have prevented the script to correctly write back some important information for my .
Thanks,
Denis
Similar threads
Similar threads
Similar threads
-
Unbound Force all DNS requests through Unbound using iptables?- Started by muffintastic
- Replies: 14
-
-
-
-
-
-
Is it possible to use nord dns with unbound or any way to add it?- Started by Jack-Sparr0w
- Replies: 9
-
-
Unbound Use unbound/router as default DNS server
- Started by BeachGuy
- Replies: 2
-