Messages

Forgive me if this isn't the right sub-forum, I wanted to share a very simple web app I made that allows you to toggle the ad blocking feature of the unbound DNS server using the OPNsense API. Basically you just give it your API key and secret, and your router's IP or hostname. I also built it into a container.

It's nothing remotely flashy, but I know it will be a great convenience to me.

https://github.com/hibby50/opnsense-unbound-dnsbl-toggle

Hi All,

I'm looking for some help using the API to disable adblock in unbound. When I run the below script, it outputs ok, but the setting never changes. Is there something else I need to execute to apply the setting or something? I looked at the network console in my browser and though I had it all covered. I will post the code and output below. Any help would be appreciated.

Code Select Expand


# import libraries
import json
import requests

# define endpoint and credentials
api_key = '<redacted>'
api_secret = '<redacted>'
url = 'https://hibrouter/api/unbound/settings/set'
setting = '{"unbound":{"dnsbl":{"enabled":"0","type":"aa,ag,sa,st","lists":"","whitelists":""},"miscellaneous":{"privatedomain":"","insecuredomain":""}}}'
apply_url = "https://hibrouter/api/unbound/service/dnsbl"

# request data
r = requests.post(url,
                 verify=False,
                 data=setting,
                 auth=(api_key, api_secret))

if r.status_code == 200:
    response = json.loads(r.text)
    print(str(r.text))
else:
    print ('Connection / Authentication issue, response received:')
    print (r.text)

r = requests.post(apply_url,
                 verify=False,
                 auth=(api_key, api_secret))

if r.status_code == 200:
    response = json.loads(r.text)
    print(str(r.text))
else:
    print ('Connection / Authentication issue, response received:')
    print (r.text)


Code Select Expand


╰─ python3 adblock-api.py
/usr/lib/python3.8/site-packages/urllib3/connectionpool.py:1043: InsecureRequestWarning: Unverified HTTPS request is being made to host 'hibrouter'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
  warnings.warn(
{"result":"saved"}
/usr/lib/python3.8/site-packages/urllib3/connectionpool.py:1043: InsecureRequestWarning: Unverified HTTPS request is being made to host 'hibrouter'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
  warnings.warn(
{"status":"OK\n\n"}


Hey all,

I wanted to resurrect this thread. I'm a new convert to opnsense and I'm really impressed. Though I am having issues with single connection performance on my apu2e4 (i210 nic).

I know this horse has been beaten to death, the problem I'm having is a lot of the tunables that get posted around are not up to date, and I haven't seen anything for newer BSD versions. I have no problem getting gigabit with multiple streams in iperf, but singe stream tops out around 400mbps. I know the hardware is capable of it since it worked fine on linux (again I know, dead horse)

I'm more interested in understanding the technical reason behind the limitation, if there are tunables/settings in opnsense 22 that can improve the performance, and is there an upstream bug/effort to improve this.