Topics

1

23.1 Legacy Series / Unbound DNSBL, bypass for specific IPs

« on: February 01, 2023, 04:06:56 pm »

In the past I was able to create custom views within the command line and aded to /usr/local/etc/unbound.opnsense.d, however, that's when it was utilizing the dnsbl.conf directly.

Has anyone else attempted this?   All I see usable would be dnsbl.json, but when added to a custom .conf file unbound won't start.



This is the preliminary test:

server:
    access-control-view: 192.168.1.2/32 bypass
    access-control-view: 192.168.1.0/24 dnsbl
view:
    name: "bypass"
    view-first: yes
view:
    name: "dnsbl"
    view-first: yes
    include: /data/dnsbl.json




Any input would be appreciated!

Thank you!

2

22.7 Legacy Series / /usr/local/etc/unbound.opnsense.d/dnsbl.conf no such file or directory

« on: December 07, 2022, 02:26:30 pm »

So, after updating to the latest release, I did see that some folks did have issues, however, I do not use suricata.  I think this issue might be a bit different, possibly.

Even after applying the latest patch _3 the issue still occurs.

root@tardis:/var/unbound # configctl unbound check
/var/unbound/etc/dnsblview.conf:11: error: cannot open include file '/usr/local/etc/unbound.opnsense.d/dnsbl.conf': No such file or directory
read /var/unbound/unbound.conf failed: 1 errors in configuration file


If I revert back to 22.7.8 with this: opnsense-revert -r 22.7.8 opnsense

Then reboot, unbound comes back up.  However, the instant I upgrade again, the above happens again.

I'm GUESSING it has something with moving dnsbl to a python module possibly?

Any insight would be nice.

Thank you!

3

20.7 Legacy Series / Firewall schedules

« on: November 02, 2020, 06:14:35 am »

Scenario:  I have a schedule setup Monday - Friday from 0:00 to 22:00 which works great

Problem:  There are certain times/days/dates I would like to cause this schedule to NOT be active.

I've tried a couple of things like adding a secondary rule above the one that is normally active with it's own schedule, but it appears that the M - F rule still triggers some how.

Question:

Does anyone else use schedules in their firewall and can give me a hint as to how they are able to override the schedule so it isn't active at certain times?

Hopefully I'm not missing something simple!

Thank you!

4

15.1 Legacy Series / 15.1.4 - IPv6 on WAN interface crash

« on: February 10, 2015, 02:20:08 pm »

Just did a new install of opnsense 15.1.4 last night and as a test enabled IPv6 on the WAN interface.

This caused the system to go into a reboot loop and crash each time.

I had to unplug the wan interface, let it boot, go in via the LAN, disable IPv6 on the WAN, and then plug back in to get back up and running.

Just FYI!