Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: mihak on January 31, 2021, 08:00:03 PM

Title: unbound.conf - log-replies parameter not working?
Post by: mihak on January 31, 2021, 08:00:03 PM
I noticed that OPNSense unbound parameters only include the checkbox for log-queries, but there is no checkbox for log-replies.

So, after verifying that OPNSense unbound version (v 1.13.0) indeed does support log-replies (by checking man unbound.conf), I added it as a custom option, alongside with log-tag-queryreply option and let OPNSense re-generate /var/unbound/unbound.conf

Except unbound service then refuses to start and ubnound-checkconf complains with:

% sudo unbound-checkconf /var/unbound/unbound.conf
/var/unbound/unbound.conf:100: error: syntax error
read /var/unbound/unbound.conf failed: 1 errors in configuration file

upon inspection, unbound.conf seems legit, the added line items from custom options look just fine:

...
# Unbound custom options
log-tag-queryreply: yes
log-replies: yes
...

What am I doing wrong here? (also, shouldn't we link together log-queries, log-replies and log-tag-queryreply when user wants to see quyery diagnostics in the log?)
Title: Re: unbound.conf - log-replies parameter not working?
Post by: Fright on January 31, 2021, 08:49:55 PM
its part of "server:" clause. so it should be
Code Select

server:
  log-tag-queryreply: yes
  log-replies: yes

in "custom options"
but keep in mind unbound notes in 21.1 notes
https://forum.opnsense.org/index.php?topic=21147.0
Title: Re: unbound.conf - log-replies parameter not working?
Post by: mihak on January 31, 2021, 09:26:22 PM
yes, we should move these two config options to be enabled automatically through Log queries selection on Unbound-Advanced tab.
Title: Re: unbound.conf - log-replies parameter not working?
Post by: Fright on February 01, 2021, 11:05:51 AM
Quotewe should move these two config options to be enabled automatically
I didn't say it and don't agree
Title: Re: unbound.conf - log-replies parameter not working?
Post by: rhubarb on May 18, 2021, 03:19:52 AM
Quote from: Fright on February 01, 2021, 11:05:51 AM
Quotewe should move these two config options to be enabled automatically
I didn't say it and don't agree

Too much clutter?
Title: Re: unbound.conf - log-replies parameter not working?
Post by: kd.gundermann on July 21, 2022, 04:30:25 PM
Quote from: Fright on January 31, 2021, 08:49:55 PM
but keep in mind unbound notes in 21.1 notes
https://forum.opnsense.org/index.php?topic=21147.0

so we should create an additional file in /usr/local/etc/unbound.opnsense.d e.g. logging.conf ??
See: https://docs.opnsense.org/manual/unbound.html#advanced-configurations  [1]

Tried this but it's not getting included in /var/unbound/unbound.conf
( Running OPNsense 22.4.2-amd64 )

Then tried using the Template system as described in [1].
Does not work either
Title: Re: unbound.conf - log-replies parameter not working?
Post by: kd.gundermann on July 21, 2022, 05:00:53 PM
Quote from: kd.gundermann on July 21, 2022, 04:30:25 PM
Then tried using the Template system as described in [1].

Problem solved:
the conf file is not merged into /var/bound/unbound.conf
but gets included by: 
Code Select

# Custom includes
include: /var/unbound/etc/*.conf

Text only | Text with Images