Unbound Blacklist issues?

Started by N0_Klu3, March 31, 2021, 09:59:31 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 31, 2021, 09:59:31 PM
Hi guys,

I'm trying to add: https://block.energized.pro/basic/formats/hosts

Energized Basic block list to my Unbound Blocklist.

Every time I add it I get error reloading unbound.

Code Select
unbound-checkconf /var/unbound/unbound.conf
/var/unbound/etc/dnsbl.conf:561149: error: unknown keyword ','
/var/unbound/etc/dnsbl.conf:561149: error: unknown keyword 'A'
/var/unbound/etc/dnsbl.conf:561149: error: unknown keyword '0.0.0.0'
/var/unbound/etc/dnsbl.conf:561149: error: stray '"'
/var/unbound/etc/dnsbl.conf:2050091: error: unknown keyword 'A'
/var/unbound/etc/dnsbl.conf:2050091: error: unknown keyword '0.0.0.0'
/var/unbound/etc/dnsbl.conf:2050091: error: stray '"'
read /var/unbound/unbound.conf failed: 7 errors in configuration file
I get this when checking conf for unbound.

If I remove this block list it works fine. I have tried all the options for Energized basic, RAW, Domain, Hosts same error every time I add it.

Can someone let me know where I'm going wrong or how to add a blocklist successfully?

I can see it pulling and dnsbl.conf growing before it errors out.
March 31, 2021, 11:26:35 PM #1
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 31, 2021, 11:45:26 PM #2
I tried every format, and also Blu, and lesser ones.
April 01, 2021, 09:45:51 AM #3
https://block.energized.pro/basic/formats/hosts.txt
should work but it contains garbage:
Code Select

d1r90st78epsag.cloudfront.net",
_domainkey.affex.org
_ldap._tcp.pdc._msdcs.adserver.com
outping--.callrail.com
d1r90st78epsag.cloudfront.net"
_sipfederationtls._tcp.gamail.com
aes-.corp.com
7cjyxsb-.micpn.com
customer-.micpn.com
viglink.com*
track*.datatrics.com
April 01, 2021, 10:26:38 AM #4
Not any more it seems.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 01, 2021, 10:33:43 AM #5
still there
Code Select

0.0.0.0 d1r90st78epsag.cloudfront.net"
0.0.0.0 d1r90st78epsag.cloudfront.net",
did not look for the rest. the previous list was generated automatically five minutes before publication
April 01, 2021, 10:39:40 AM #6
Ah - I thought you were referring to the literal lines without leading 0.0.0.0.

But yes, garbage in blacklist - Unbound will crash.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 01, 2021, 10:45:51 AM #7
yep ) really need to load BL's via unbound-control imho
April 01, 2021, 10:49:41 AM #8
So this was an issue with the blacklist from Energized being messed up?
Not an issue with Unbound?
Am I understanding correctly?
April 01, 2021, 10:58:37 AM #9
all at once I would say. garbage records in the list, the inability of the unbound to skip an invalid entry in the local-data directive in conf, using conf-file to load the BLs in OPN and not a best regex in the OPN for checking list entries imho
April 01, 2021, 11:27:04 AM #10
I just tried again to reload the blacklist but its still failing.
Guess its still contains the garbage records.

I'll raise an issue on Github and hopefully someone better than me understands it.
April 01, 2021, 11:30:39 AM #11
if I understand correctly: dev's are aware of this issues, it's just that the task is not of the highest priority (unbound is strongly integrated into the system and any games with it require special attention). we just have to wait until they can return to the question imho
April 01, 2021, 12:14:33 PM #12
Ah just read this, already raised an issue request.
I raised: https://github.com/EnergizedProtection/block/issues/718

Let me know if it looks ok, or needs changing.
Print
Go Up Pages1
User actions