Author Topic: Unbound DNSBL on selection of interfaces? (Read 1788 times)

EdwinKM · « **on:** April 10, 2022, 03:50:04 pm »

I use a couple of (vlan) networks.
* guest: allow internet (everything) except rfc1918
* media: reject rfc1819 but connected some devices (chromecast) and some regular guests on this subnet + internet.
* lan: For my "own" networks i like to use DNSBL

The main problem is with "media". I want to use Unbound for dhcp static mappings but i do not want to use the DNSBL for this interface. So, forwarding (to isp or google) dns using DHCP is not really what i want.

So what to seems to be missing is a interfaces dropdown on the "Services -> Unbound DNS -> Blocklist" page? Is this even possible with unbound?
Am i missing something obvious?

jeremias.winter · « **Reply #1 on:** April 04, 2023, 09:52:51 am »

Late to the game, but still: I think this would be quite a handy feature, but also am not sure if it is easily achievable with unbound.

My desired scenario would be similar: Allowing different blocklist configurations for different interfaces, so not only enable/disable DNS blocking per interface. For example, having a "global blocklist" on all interfaces (e.g. for blocking malware/phishing), and additional blocklists per interface (e.g. for blocking certain content).

EdwinKM · « **Reply #2 on:** April 05, 2023, 08:38:06 pm »

You already found my bug report if i am correct.
https://github.com/opnsense/core/issues/5712#issuecomment-1495674768

jeremias.winter · « **Reply #3 on:** April 11, 2023, 10:28:16 am »

Yes I did, thanks so much!

Author Topic: Unbound DNSBL on selection of interfaces? (Read 1788 times)

EdwinKM

Unbound DNSBL on selection of interfaces?

jeremias.winter

Re: Unbound DNSBL on selection of interfaces?

EdwinKM

Re: Unbound DNSBL on selection of interfaces?

jeremias.winter

Re: Unbound DNSBL on selection of interfaces?