Hi there,
So when using this Hagezi blocklist for unbound in RPZ format (https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/rpz/multi.txt/) (also see here: https://github.com/hagezi/dns-blocklists?tab=readme-ov-file#blue_book-multi-normal---all-round-protection-), the OPNsense "Unbound DNS Log File" says:
blocklist download: 286903 total lines downloaded for https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/rpz/multi.txt
blocklist: https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/rpz/multi.txt (exclude: 286902 block: 1 wildcard: 0)
blocklist parsing done in 1.87 seconds (1 records)
So apparently OPNsense Unbound does not load this blocklist at all.
(Using another format like the "Wildcard Asterisk" format https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/multi.txt works correctly as expected.)
So is this a known / expected limitation currently, the RPZ format not working?
Thank you!
https://docs.opnsense.org/manual/unbound.html#blocklists
Quote: Only plain text files containing a list of fqdn's (e.g. my.evil.domain.com) OR wildcard domains (e.g. *.my.evil.domain.com) are supported.
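
An RPZ list is a DNS zone file whose block entries are written as `name CNAME .`, which is neither of the two line formats named in the documentation quote above. The following is an added example (not part of the thread and not OPNsense code): a Python converter that extracts only the block records from RPZ text into plain and wildcard domain lists. The function name `rpz_to_domains` is hypothetical and the sample zone text is constructed.

```python
import re

# Constructed sample in RPZ zone-file syntax (not copied from the real list).
SAMPLE_RPZ = """\
$TTL 300
@ SOA localhost. root.localhost. 1 43200 3600 86400 300
  NS localhost.
; comment line
ads.example.com CNAME .
*.ads.example.com CNAME .
Tracker.Example.NET CNAME .   ; mixed case is normalised
good.example.org CNAME rpz-passthru.
24.0.2.0.192.rpz-ip CNAME .
*.wild-only.example CNAME .
"""

# Conservative hostname check: at least two dot-separated labels.
_LABEL = r"(?!-)[a-z0-9_-]{1,63}(?<!-)"
_FQDN = re.compile(rf"^(?:{_LABEL}\.)+{_LABEL}$")


def rpz_to_domains(text):
    """Return (plain, wildcard) sorted lists built from 'name CNAME .' records."""
    plain, wildcard = set(), set()
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        if not line or line.startswith("$"):     # blank lines, $TTL / $ORIGIN
            continue
        fields = line.split()
        # Keep only the NXDOMAIN action: "<owner> [ttl] [IN] CNAME ."
        # SOA, NS and allow actions such as rpz-passthru. are skipped, so an
        # exception in the RPZ zone is never turned into a block entry.
        if len(fields) < 3 or fields[-2].upper() != "CNAME" or fields[-1] != ".":
            continue
        owner = fields[0].lower()
        is_wild = owner.startswith("*.")
        name = owner[2:] if is_wild else owner
        # Skip non-domain RPZ triggers (rpz-ip, rpz-nsdname, ...) and junk.
        if name.rsplit(".", 1)[-1].startswith("rpz-") or not _FQDN.match(name):
            continue
        (wildcard if is_wild else plain).add(name)
    return sorted(plain), sorted("*." + d for d in wildcard)


if __name__ == "__main__":
    fqdns, wildcards = rpz_to_domains(SAMPLE_RPZ)
    print("\n".join(fqdns + wildcards))
```
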