Messages - mogg

#1
One problem with Unbound DNSBL is that log files aren't exposed in the plugin yet, so if a site is blocked, it's difficult to find out what site was blocked.
#2
That worked, thanks ArminF!

As a bonus, BIND DNS is no longer needed.
#3
General Discussion / Re: Install PiHole on Opnsense
January 14, 2020, 11:22:56 PM
Instructions for generic black lists, personal whitelists:

https://www.routerperformance.net/opnsense/dnsbl-via-bind-plugin

Use System -> Settings -> Cron -> "Download BIND DNSBLs and Restart" to automate updates.

I haven't tried personal black lists, but this post seems to indicate the sensei plugin can help:

https://forum.opnsense.org/index.php?topic=15414.0
#4
Yes, I did perform the last step with the bizarre quotes in the name parameter which seems to be a typo, and I tried with changing the quotes to normal quotes:

do-not-query-localhost: no
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@53530

Screenshot attached.

It seems that all queries are still forwarded by Unbound to BIND. If I turn off the port forward, then machines in .localdomain resolve properly.

Can you explain to me what each of the options do? I've read the documentation (https://nlnetlabs.nl/documentation/unbound/unbound.conf/), but I'm new to DNS configuration and more elaboration would help me understand.

It seems to be that {name: "."} forwards everything to BIND (running on 127.0.0.1@53530). It seems we need an option to forward everything except for "*.localdomain".
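Added example (not from the forum post or the Unbound project): a small model of the answer order Unbound applies to the configuration quoted above. Unbound serves local-zone/local-data entries (what OPNsense's DHCP lease registration writes) before it consults forward-zone entries, and among forward zones it picks the longest matching suffix, so a `name: "."` forwarder sends everything to BIND except names that already have local data. The sample config and hostnames below are constructed for illustration.

```python
"""Model of Unbound's local-data-before-forward-zone answer order.
Sample config is constructed; only local-data, forward-zone, name and
forward-addr are modelled (enough for the question above)."""

SAMPLE_CONF = """\
server:
    do-not-query-localhost: no
    local-data: "brother.localdomain. A 192.168.1.7"
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@53530
"""

def parse(text):
    """Return (local_data dict, list of forward zones) from unbound.conf text."""
    local, zones, cur = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith(":") and " " not in line:   # section header
            cur = {"name": None, "addrs": []} if line == "forward-zone:" else None
            if cur is not None:
                zones.append(cur)
            continue
        key, _, val = line.partition(":")
        val = val.strip().strip('"')
        if key == "local-data":                         # e.g. DHCP registration
            owner, _, rdata = val.partition(" ")
            local[owner.rstrip(".").lower()] = rdata.strip()
        elif cur is not None and key == "name":
            cur["name"] = val.rstrip(".").lower()       # "." becomes ""
        elif cur is not None and key == "forward-addr":
            cur["addrs"].append(val)
    return local, zones

def resolve(qname, local, zones):
    """Return ('local', rdata), ('forward', addr) or ('recursive', None)."""
    name = qname.rstrip(".").lower()
    if name in local:                                   # local data wins first
        return ("local", local[name])
    best = None                                         # longest-suffix forward zone
    for z in zones:
        zn = z["name"]
        if zn == "" or name == zn or name.endswith("." + zn):
            if best is None or len(zn) > len(best["name"]):
                best = z
    if best is not None and best["addrs"]:
        return ("forward", best["addrs"][0])
    return ("recursive", None)
```

Run `resolve("brother.localdomain", *parse(SAMPLE_CONF))` to see the DHCP-registered host answered locally, while any other name goes to the BIND forwarder; a query that never reaches Unbound (because a NAT rule redirects port 53 elsewhere) is outside this model.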
#5
Originally posted in old thread https://forum.opnsense.org/index.php?topic=10180.new#new, but maybe that thread is too old.

---

I followed the instructions at https://www.routerperformance.net/opnsense/dnsbl-via-bind-plugin, and am successfully blocking ads for my LAN. However, local DNS DHCP registration no longer works for the local network. For example:

~> nslookup brother.localdomain
Server:      192.168.1.1
Address:   192.168.1.1#53

** server can't find brother.localdomain: NXDOMAIN

If I disable the port forward to BIND (Firewall -> NAT -> Port Forward), then local DNS works fine:

~> nslookup brother.localdomain
Server:      192.168.1.1
Address:   192.168.1.1#53

Name:   brother.localdomain
Address: 192.168.1.7

How can I configure OPNSense to use both BIND DNSBL and local DNS DHCP registration?