Hi everyone,
I'm currently using the latest business version of OPNsense (just to support the project, I use it for my home network)
and today I realized that some of the external blocklists I added to Unbound are not being loaded when they use the actual Unbound blocklist style.
E.g.
https://github.com/hagezi/dns-blocklists/blob/main/unbound/doh.blacklist.conf
local-zone: "some-domain.com." always_nxdomain
So it seems that that format is not supported by OPNsense, while when adding the entries manually as a custom configuration through the CLI they work as expected.
So far I was unable to find a list of supported formats / syntax in the docs.
Does anyone know where I can find the documentation for that?
Also, can we assume that the formats used by the included blocklists are supported?
Hi
IIRC OPN now supports wildcard lists, like
https://github.com/hagezi/dns-blocklists/blob/main/wildcard/doh.txt
I can confirm this. Previously, OPNsense used to support the 'hosts' format, which still works, but recently the 'wildcard asterisk' format also became supported. This is quite a bit faster in loading and processing because the lists themselves are more compact.
Hi @Fright & @dinguz
Thank you for your help :) I can confirm that the wildcard versions of HaGeZi's blocklists work perfectly;
even the ultimate list with around 400k entries loads quite fast on my DEC695.
E.g. log entry for the ultimate list
blocklist: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/ultimate.txt (exclude: 8 block: 461027 wildcard: 461027)
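To check which of the three styles named in this thread a downloaded list uses before adding its URL, a small classifier helps. This is an added example, not part of the thread and not OPNsense's own parser; the regexes, the function names and the sample input are assumptions made for illustration.

```python
import re
from collections import Counter

# Line shapes for the three list styles named in the thread (these regexes
# are this example's assumption, not OPNsense's own parser).
STYLES = (
    ("unbound", re.compile(r'^local-zone:\s*"([^"]+)"\s+\S+$')),
    ("hosts", re.compile(r'^(?:0\.0\.0\.0|127\.0\.0\.1|::1?)\s+(\S+)$')),
    ("wildcard", re.compile(r'^\*\.(\S+)$')),
)
DOMAIN = re.compile(r'^(?=.{1,253}$)(?:[a-z0-9_](?:[a-z0-9_-]{0,61}[a-z0-9_])?\.)+[a-z0-9-]{2,63}$')

def classify(line):
    """Return (style, value); style is None for blank and comment lines."""
    line = line.split("#", 1)[0].strip()
    if not line:
        return None, None
    for style, rx in STYLES:
        m = rx.match(line)
        if m:
            domain = m.group(1).lower().rstrip(".")
            # Reject single-label names such as "localhost" rows in hosts files.
            return (style, domain) if DOMAIN.match(domain) else ("invalid", line)
    return "unknown", line  # e.g. the "server:" header of an unbound .conf

def summarize(text):
    """Count lines per style and collect the distinct domains found."""
    counts, domains = Counter(), set()
    for raw in text.splitlines():
        style, value = classify(raw)
        if style is None:
            continue
        counts[style] += 1
        if style in ("unbound", "hosts", "wildcard"):
            domains.add(value)
    return counts, domains

def to_wildcard(text):
    """Re-emit every recognised domain as a '*.domain' line, sorted."""
    return "\n".join(f"*.{d}" for d in sorted(summarize(text)[1]))

SAMPLE = '''# constructed sample input mixing the three styles
server:
local-zone: "some-domain.com." always_nxdomain
0.0.0.0 ads.example.net
127.0.0.1 localhost
*.doh.example.org
*.some-domain.com
'''
```

Rewriting a hosts entry as `*.domain` widens the block from one hostname to the name and everything under it, so review converted hosts lists before using them.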