16
23.1 Legacy Series / Re: The new unbound reporting is pretty cool
« on: February 03, 2023, 05:02:27 pm »dig shows NODATA (rcode 0 answer:0) for blocked https RRs
Thanks for taking the time to test it
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
dig shows NODATA (rcode 0 answer:0) for blocked https RRs
Is this the patch with also blocking HTTPS requests?
@tuto2
im afraid https rr could provide ip via hints ..
https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-01#section-6.4
So imho in this part it is still possible to speed up something?
Regarding the connect() time (thanks for the hint. I read the docs and didn't get excited ), the only thing that comes to mind is to make the "timedelta" configurable (so that we can reduce the size of the data for realy high-load servers)?
ps. it was also noticed that the size of the database file is not shrinked after deletion, and I did not find such an option in dukdb. only export/import remains?
Like the others I love the new reporting, however, with this new implementation with the python module that handles the DNSBL, what's the work around to allow bypassing the DNSBL?
It used to be using tags or views, but those won't apply now that the dnsbl file is in .json format.
Hi,
is this only a "design" glitch, or why does it block the A records but not the HTTPS records?
metrics.icloud.com A record blocked
metrics.icloud.com HTTPS record NOT blocked
@tuto2
Hi!
but it seems to me that the process of cleanup is not optimized? Could this be the reason?
IMHO the index may not help here because of the data conversion (the time column is defined as an integer and the time data is converted during cleanup).
and is conversion even necessary if we compare two epoch values?
# opnsense-patch 44e9dc25b
Is this expected as the dataset grows? Is this going to become more noticeable, or (36 hours on) have I hit a steady state?
2. No for me, all local even with 'All' set as the option for display. Possibly it may be how I have Unbound setup.
So will this patch make it into final or is there any other issue which has to be solved?
\
As a OPNsense newbie - what do I have to do if it will make it into a official patch release? Deleting the patch and updating OPNsense - or just do nothing?
1. Auto refresh
2, On the list, when filtering with the term 'Block' all the clients are localhost, whereas without a term, or even with the term 'Pass' the correct client is shown. Having the client in the Block situation would assist in tracing malicious queries.
And report back if the number of queried PTR records is reduced.
Just to report back - the number went to nearly zero. The patch is working perfectly!
But how can I reset stats to get rid of all these earlier PTR records within my top domains.