Hello, i've been trying to figure out how to use hagezi's dns blocklists with DNSBL on Unbound but i have this problem.
The lists that don't include domains and subdomains but contain only wildcard domains wouldnt be treated as such and only block exact matches if i use to load they remotely by using the URLs . If i put the where it says Wildcard Domains it works but there i need to put each domain individually and i wont have that auto update of the lists. Is there any other way around this ?
You can now test by applying this patch, report any issues on GH
https://github.com/opnsense/core/commit/15757711a6ad37f7a20612f5e39af7fe19348627 (https://github.com/opnsense/core/commit/15757711a6ad37f7a20612f5e39af7fe19348627)
opnsense-patch 1575771
root@OPNsense:~ # opnsense-patch 1575771
Fetched 1575771 via https://github.com/opnsense/core
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|From 15757711a6ad37f7a20612f5e39af7fe19348627 Mon Sep 17 00:00:00 2001
|From: Stephan de Wit <stephan.de.wit@deciso.com>
|Date: Mon, 2 Oct 2023 14:52:25 +0200
|Subject: [PATCH] unbound: add support for wildcard domain lists (#6905)
|
|Closes https://github.com/opnsense/core/issues/6888
|---
| .../mvc/app/models/OPNsense/Unbound/Unbound.xml | 3 +++
| src/opnsense/scripts/unbound/blocklists/__init__.py | 2 +-
| src/opnsense/scripts/unbound/blocklists/default_bl.py | 10 +++++++---
| .../templates/OPNsense/Unbound/core/blocklists.conf | 5 +++--
| 4 files changed, 14 insertions(+), 6 deletions(-)
|
|diff --git a/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml b/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
|index cd26120d51..18fffeb84d 100644
|--- a/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
|+++ b/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
--------------------------
Patching file opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml using Plan A...
Hunk #1 succeeded at 180.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/src/opnsense/scripts/unbound/blocklists/__init__.py b/src/opnsense/scripts/unbound/blocklists/__init__.py
|index dda249396b..a5a84c2bd4 100755
|--- a/src/opnsense/scripts/unbound/blocklists/__init__.py
|+++ b/src/opnsense/scripts/unbound/blocklists/__init__.py
--------------------------
Patching file opnsense/scripts/unbound/blocklists/__init__.py using Plan A...
Hunk #1 succeeded at 48.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/src/opnsense/scripts/unbound/blocklists/default_bl.py b/src/opnsense/scripts/unbound/blocklists/default_bl.py
|index 333172aa20..97045a3edc 100755
|--- a/src/opnsense/scripts/unbound/blocklists/default_bl.py
|+++ b/src/opnsense/scripts/unbound/blocklists/default_bl.py
--------------------------
Patching file opnsense/scripts/unbound/blocklists/default_bl.py using Plan A...
Hunk #1 succeeded at 51.
Hunk #2 succeeded at 65.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/src/opnsense/service/templates/OPNsense/Unbound/core/blocklists.conf b/src/opnsense/service/templates/OPNsense/Unbound/core/blocklists.conf
|index 80bd574465..addac2cf80 100644
|--- a/src/opnsense/service/templates/OPNsense/Unbound/core/blocklists.conf
|+++ b/src/opnsense/service/templates/OPNsense/Unbound/core/blocklists.conf
--------------------------
Patching file opnsense/service/templates/OPNsense/Unbound/core/blocklists.conf using Plan A...
Hunk #1 succeeded at 1.
Hunk #2 succeeded at 63.
done
All patches have been applied successfully. Have a nice day.
Is there a chance that this could get implemented in the near future? Thanks!
~jm
You need the 'wildcard asterisk' blocklist type for this, not the 'wildcard domains'? Seems to work alright. Load times are a bit faster as well (1.19 vs 4.51s).