Martineau,I have just pushed a Hotfix.
I have made a typo 'interfaces:' should be 'interface:' when detecting duplicates.
Thanks, stats are back in biz, and we're authoritative again. Good work on all of this.Version=3.01
Intentional typo? XDFIX: '2 = Uninstall unbound/unbound_mangler'
I decided to try and discourage most from using Advanced mode, but touch the appropriate fileHow can I make the advanced menu the default? I can launch unbound_manager advanced from the CLI, but I must be missing a trick to make it persistent...
There is no reason why a noob would need to be regularly camped in front of the 'Easy' menu?I'm kinda torn back and forth about the "new" interaction, not hitting enter after choosing a menu.
I like it, but as @LimJK already stated, the execution of scripts should be consistend throughout our routers.
Got it, working nowI decided to try and discourage most from using Advanced mode, but touch the appropriate file
I can't recreate the issue.During the update, I got an error message below that the 'SSL handshake failed'. The solution is not to reuse the unbound.conf and press enter to download the new unbound.conf.
Code:Do you want to KEEP your current unbound configuration? ('20200412-071748_unbound.conf') Reply 'y' to KEEP or press [Enter] to use new downloaded 'unbound.conf' y Reloading 'unbound.conf' status=error: SSL handshake failed error: SSL handshake failed ***ERROR unbound-control - failed'?
Options: Auto Reply='y' for User Selectable Options ('')
[?] Router Graphical GUI statistics TAB installed
[?] unbound-control FAST response ENABLED
Do you want to KEEP your current unbound configuration? ('20200412-122527_unbound.conf')
Reply 'y' to KEEP or press [Enter] to use new downloaded 'unbound.conf'
y
Reloading 'unbound.conf' status=ok
=======================================================================================================================================================================================
unbound (pid 16962) is running... uptime: 0 Days, 00:00:21 version: 1.10.0 # rgnldo Github Version=v1.08 Martineau update (Date Loaded by unbound_manager Sun Apr 12 12:26:10 DST 2020)
i = Update unbound and configuration ('/opt/var/lib/unbound/') l = Show unbound log entries (lo=Enable Logging)
I've uploaded BETA 'unbound_manager' v3.02 and 'unbound.conf' v1.09 to support your proposal.Hello Martineau,
Can I suggest renaming the RPZ Firewall to DNS Firewall? This seems to be the industry name.
Secondly, if I add in a simple check if Unbound is running before calling reload zone, you could use my unbound_rpz.sh to enable this feature by simply downloading and running the script (you have the rpz: in the conf file already. It can be left in the file always without errors if the zone file doesn’t exist in disk. No need for URL: part at this point. Just name, zonefile and maybe log options. )
Uninstall would be to simply remove the cron job and delete that file.
Thoughts?
e = Exit Script
A:Option ==> uf dev
unbound_manager.sh downloaded successfully Github 'dev/development' branch
unbound Manager UPDATE Complete! 22e316f94dcbd1a0cbebeb06a330b147
e = Exit Script
A:Option ==> i dev
<snip>
Retrieving the 13 InterNIC Root DNS Servers from 'https://www.internic.net/domain/named.cache'.....
######################################################################################################################################################################################## 100.0%
Retrieving Custom unbound configuration
unbound.conf downloaded successfully Github 'dev/development' branch
Checking IPv6.....
Customising unbound configuration Options:
unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf
Shutting down unbound... done.
Starting unbound... done.
Checking status, please wait..... unbound OK
Auto install unbound Customisation complete 0 minutes and 21 seconds elapsed - Please wait for up to 10 seconds for status.....
e = Exit Script
A:Option ==> firewall
Do you want to enable DNS Firewall?
Reply 'y' or press [Enter] to skip
y
unbound_rpz.sh downloaded successfully Github 'dev/development' branch
rpzsites downloaded successfully Github 'dev/development' branch
Unbound-RPZ.sh - V1.0.1 running...
Attempting to Download 1 of 1 from .
######################################################################## 100.0%
Reload unbound for zone named rpz.urlhaus.abuse.ch
error no auth-zone rpz.urlhaus.abuse.ch
unbound DNS Firewall ENABLED
e = Exit Script
A:Option ==> ?
Version=3.02
Github md5=22e316f94dcbd1a0cbebeb06a330b147
<snip>
[✔] Router Graphical GUI statistics TAB installed
[✔] unbound-control FAST response ENABLED
[✔] DNS Firewall ENABLED
e = Exit Script
A:Option ==> sgui
unbound-control set_option 'extended-statistics yes' ok
Option Auto Reply 'y'
Installing @juched's GUI TAB to Graphically display unbound stats.....
unbound_stats.sh downloaded successfully
unboundstats_www.asp downloaded successfully
cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory
cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory
Mounting Unbound_Stats.sh WebUI page as user3.asp
Saving MD5 of installed file /jffs/addons/unbound/unboundstats_www.asp to /jffs/addons/unbound/www-installed.md5
Calculated Cache Hit Percentage: 92.13
Adding new value to DB...
Calculating Daily data...
Calculating Weekly and Monthly data...
Outputting histogram performance data...
Outputting answers data...
FYI @juched
Can you look at suppressing the error messages when installing the Statistics GUI TAB:
Code:e = Exit Script A:Option ==> sgui unbound-control set_option 'extended-statistics yes' ok Option Auto Reply 'y' Installing @juched's GUI TAB to Graphically display unbound stats..... unbound_stats.sh downloaded successfully unboundstats_www.asp downloaded successfully cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory Mounting Unbound_Stats.sh WebUI page as user3.asp Saving MD5 of installed file /jffs/addons/unbound/unboundstats_www.asp to /jffs/addons/unbound/www-installed.md5 Calculated Cache Hit Percentage: 92.13 Adding new value to DB... Calculating Daily data... Calculating Weekly and Monthly data... Outputting histogram performance data... Outputting answers data...
cant enable rpz firewall in 3.02 with dev conf file:
Code:'unbound_rpz.sh' download FAILED with curl error 404
This is great. Love the solution.I've uploaded BETA 'unbound_manager' v3.02 and 'unbound.conf' v1.09 to support your proposal.
Try it out in 'Advanced' menu mode
e.g. update the 'unbound_manager.sh' script
and you will need to retrieve the associated 'unbound.conf'Code:e = Exit Script A:Option ==> uf dev unbound_manager.sh downloaded successfully Github 'dev/development' branch unbound Manager UPDATE Complete! 22e316f94dcbd1a0cbebeb06a330b147
I have replaced 'RPZ Firewall' references with 'DNS Firewall'Code:e = Exit Script A:Option ==> i dev <snip> Retrieving the 13 InterNIC Root DNS Servers from 'https://www.internic.net/domain/named.cache'..... ######################################################################################################################################################################################## 100.0% Retrieving Custom unbound configuration unbound.conf downloaded successfully Github 'dev/development' branch Checking IPv6..... Customising unbound configuration Options: unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf Shutting down unbound... done. Starting unbound... done. Checking status, please wait..... unbound OK Auto install unbound Customisation complete 0 minutes and 21 seconds elapsed - Please wait for up to 10 seconds for status.....
Code:e = Exit Script A:Option ==> rpz Do you want to enable DNS Firewall? Reply 'y' or press [Enter] to skip y unbound_rpz.sh downloaded successfully Github 'dev/development' branch rpzsites downloaded successfully Github 'dev/development' branch Unbound-RPZ.sh - V1.0.1 running... Attempting to Download 1 of 1 from . ######################################################################## 100.0% Reload unbound for zone named rpz.urlhaus.abuse.ch error no auth-zone rpz.urlhaus.abuse.ch unbound DNS Firewall ENABLED
Code:e = Exit Script A:Option ==> ? Version=3.02 Github md5=22e316f94dcbd1a0cbebeb06a330b147 <snip> [✔] Router Graphical GUI statistics TAB installed [✔] unbound-control FAST response ENABLED [✔] DNS Firewall ENABLED
'rpz disable' turns off the 'DNS Firewall'
EDIT: The creation of the cron job in 'services-start' appears to have gone AWOL in your script...could have sworn that it was there before.
opkg remove --force-depends libunbound
I just knew I should have held off, waiting for your guide to appear.Updated a few routers to the latest unbound_manager and ep (Entware) updates that became available in the last couple of days.
Steps to success outlined below.
Done.
- Assuming amtm v3.16 FW is currently running properly.
- Update unbound_manager to v3.01, 'u'.
- Stop unbound (new option '3').
- Exit to command prompt 'e' and issue the following command.
Code:opkg remove --force-depends libunbound
- in amtm update Entware packages with 'ep', Enter, '1', Enter, '1', Enter.
- Go to unbound_manager, '7'.
- Install the latest v3.01 with '1'.
- Don't enable logging (just hit enter).
- Enable optimizations 'y'.
- Don't enable Firefox (just hit enter).
HTH.
Hi Martineau,FYI @juched
Can you look at suppressing the error messages when installing the Statistics GUI TAB:
Code:e = Exit Script A:Option ==> sgui unbound-control set_option 'extended-statistics yes' ok Option Auto Reply 'y' Installing @juched's GUI TAB to Graphically display unbound stats..... unbound_stats.sh downloaded successfully unboundstats_www.asp downloaded successfully cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory cat: can't open '/jffs/addons/unbound/www-installed.md5': No such file or directory Mounting Unbound_Stats.sh WebUI page as user3.asp Saving MD5 of installed file /jffs/addons/unbound/unboundstats_www.asp to /jffs/addons/unbound/www-installed.md5 Calculated Cache Hit Percentage: 92.13 Adding new value to DB... Calculating Daily data... Calculating Weekly and Monthly data... Outputting histogram performance data... Outputting answers data...
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!