What's new

Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Which SSH client are you using, and what setting do you have for the Del/Backspace keys?

View attachment 24084
mobaxterm
upload_2020-6-16_13-5-24.png


just checked again, this behaviour happens only when i delete "l" - then for any other command it is complaining ...
 
You will only need to make this change to the 2nd dnsmasq instance config file if you are using the alternate blocking list and you want those queries forwarded to unbound as an upstream resolver.

This 2nd dnsmasq conf is created by the alternate-bf.div file which is in turn called by the postconf.div file whenever the main dnsmasq is restarted. Its not dynamically created like the main dnsmasq instance so i think its ok just to replace the line in the alternate-bf.conf file and restart just the 2nd dnsmasq instance.

I had a go at it and my sed looks ok .. not sure if the 2nd instance of dnsmasq is restarting though....
EDIT: just re-read the man page and seems a SIGHUP wont load reload the config... killing it off and restarting it seems to work.... that will teach me not to read :oops:

Code:
#!/bin/sh

if [ -f /opt/share/diversion/.conf/alternate-bf.conf ];then

  if [ -n "\$(grep -E "^port: 53535" /opt/var/lib/unbound/unbound.conf)" ] && [ -n "$(grep -F "servers-file=/tmp/resolv.dnsmasq" /opt/share/diversion/.conf/alternate-bf.conf)" ];then

  sed -i 's/servers\-file\=\/tmp\/resolv\.dnsmasq/server\=127\.0\.0\.1\#53535/' /opt/share/diversion/.conf/alternate-bf.conf

  sed -i '14icache-size=0' /opt/share/diversion/.conf/alternate-bf.conf

  # kill -1 $(ps | grep "dnsmasq -C" | awk '{print $1}')   #SIGHUP

  kill -9 $(ps | grep "dnsmasq -C" | awk '{print $1}')                   #or kill process and restart?
  dnsmasq -C "/opt/share/diversion/.conf/alternate-bf.conf"

  fi
fi

i called this altdnsmasq_unbound and put it in /jffs/addons and made it executable

then just added a call to it in /jffs/scripts/dnsmasq.postconf
Code:
#!/bin/sh
. /opt/share/diversion/file/post-conf.div # Added by Diversion
sh /jffs/addons/unbound/unbound.postconf "$1"           # unbound_manager
sh /jffs/addons/altdnsmasq_unbound

I need to add the cache-size=0 directive to this too to stop the alternate dnsmasq caching replies ... any chance someone can help me with the code to insert this in the right place in the file?..... Fankyooooo!

EDIT : managed to get a solution but maybe not the best.....
Code:
sed -i '14icache-size=0' /opt/share/diversion/.conf/alternate-bf.conf

EDIT some more : amazing what a bit of sleep can do for you!... these solutions will stick the cache-size=0 below or above the server= line instead of counting the line where you want it..
Code:
sed -i '/^server\=127\.0\.0\.1\#53535/acache-size=0'  /opt/share/diversion/.conf/alternate-bf.conf
sed -i '/^server\=127\.0\.0\.1\#53535/icache-size=0'  /opt/share/diversion/.conf/alternate-bf.conf
 
Last edited:
mobaxterm
View attachment 24085

just checked again, this behaviour happens only when i delete "l" - then for any other command it is complaining ...
Apologies for the delay.

I've uploaded Hotfix.

v3.18
Github md5=d101a552f883495993feb43c0c03c47c
 
I'm a first time Unbound user and I've used try and see method to find out lots of things for now all seems OK. I've set unbound as first DNS resolver disabled DNSmasq, enabled adblocker, webui and youtube ad blocker and my cache hit success percent: 50.85 which is not bad I guess but I have some questions. These are basics I've searched the thread but can't find, sorry about this and thanks in advance.

- I want to see the dns queries and replies in real time (like following DNSmasq logs via Diversion); I've tried verbosity as 1-4 but couldn't find the replies that contains IP addresses of the domains. For example; if I ping pastebin.com from my PC, I get reply from 104.23.98.190 but can't see 104.23.98.190 in logs

- I want to see which domains are blocked in real time. I guess by following the log the queries with "always_nxdomain" are the blocked domains. I've tried "adblock track" but it re-installs/updates the adblock and at the end saying "Logging Ad Block BLOCKED domains to log" but I couldn't see any "BLOCKED" in logs.

- If I find out a domain that is blocked how should I whitelist it? I guess I should add it to "ea"?
 
- I want to see the dns queries and replies in real time (like following DNSmasq logs via Diversion); I've tried verbosity as 1-4 but couldn't find the replies that contains IP addresses of the domains. For example; if I ping pastebin.com from my PC, I get reply from 104.23.98.190 but can't see 104.23.98.190 in logs
I think you want the lo and lx menu commands in the advanced menu.
 
I think you want the lo and lx menu commands in the advanced menu.

For this one; dumpcache and searching cache.txt needed I guess. Here what I wanna see for www.snbforums.com from cache.txt

Code:
www.snbforums.com.    1195    IN    A    104.26.8.66
www.snbforums.com.    1195    IN    A    172.67.69.81
www.snbforums.com.    1195    IN    A    104.26.9.66
 
Check to see if log-replies are set to yes or commented out in your unbound.conf through the v command. Im not sure if they are turned off and only log-queries are on by default if you're not using scribe...
 
Did you update Entware packages? I see a long list when I ran amtm update. I haven't updated them as yet since the last round of updates broke scribe and unbound if I remember correctly.
 
Hmmm....my unbound seems to have crashed, and did not restart with a reboot of my router...
OOo... all on its own? ... any debug info? ... Btw ver 1.10.1 available in entware now if you want to take this moment to reinstall
 
Did you update Entware packages? I see a long list when I ran amtm update. I haven't updated them as yet since the last round of updates broke scribe and unbound if I remember correctly.
I ran the entware upgrade and both scribe and unbound seemed to have survived the ordeal
 
Have you updated?
Code:
unbound (pid 5138) is running... uptime: 0 Days, 00:00:07 version: 1.10.1 # rgnldo Github Version=v1.10 Martineau update (Date Loaded by unbound_manager Fri Jun 19 17:15:25 GMT 2020)
 
Did you update Entware packages? I see a long list when I ran amtm update. I haven't updated them as yet since the last round of updates broke scribe and unbound if I remember correctly.
OOo... all on its own? ... any debug info? ... Btw ver 1.10.1 available in entware now if you want to take this moment to reinstall

I updated entware last night and saw a similar longer than usual list...
EDIT: yes, I'm current v1.10.1
reboot and restart seem to have remedied things...yup, I'm back up. but I wonder if it'll survive an uncommanded router reboot, like from a mains power failure.
Time will tell, I suppose...
 
Last edited:
My unbound dropped this morning; I updated Entware last night. Restarting unbound would cause it to immediately die again. I ran option i in unbound_manager to update my config (i hadn't used i for a while) and it all came back up nicely
 
Same as @Jack Yaz here... Running 'i' restored unbound's functionality - it now shows "version: 1.10.1 ". All good.
 
Mine has crashed as well after last evening update of Entware.
I uninstalled Unbound, but now it doesn't let me install anymore.
If I check Entware version it says I am on the last version k-3.10, but if I try to update-upgrade Entware packages it comes with this error: opkg_download: Failed to download http://bin.entware.net/aarch64-k3.10/Packages.gz, wget returned 8.
Unbound install returns the fallowing error:
INSTALLing unbound
***ERROR occurred updating Entware package list

Any ideas?
I tried "i" but id doesn't work.
Thank you
 
I tried to update unbound from 1.10.0 to 1.10.1 but I get an error message that Entware Package could not be loaded and after this attempt Unbound was downgraded to version 1.09. What is going on?
 
I tried to update unbound from 1.10.0 to 1.10.1 but I get an error message that Entware Package could not be loaded and after this attempt Unbound was downgraded to version 1.09. What is going on?

Currently; bin.entware.net is down that's why we can't update eEntware package list which causes installation/update fails
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top