Unbound DNSBL check what's blocked?

Started by N0_Klu3, December 22, 2020, 08:41:20 PM

Hey guys,

So recently set up OPNsense again, and using the blocklist function.

But how do I check what is blocked? Let's say I'm trying to diagnose a blocked site or something and want to check it's the DNSBL block list that's the culprit?

How can I see a report or something?

Open a web browser and enter one of the selected web sites from one of the blocklists?

Yeah, but how do I know it's specifically the DNSBL causing the issues?
I'm coming from pfSense that has pfBlocker... the reports help you find what is being blocked by which list and so on.

I think it is available in the firewall log, just make sure you know what you are searching for.

Yeah so I can see a lot of deny in the firewall logs.
But it doesn't give clear info, and no clear info on DNSBL to IP.

If it clearly said deny DNSBL filter or something, that would help.
It's great we can add blocklist, but if there is no way to see any extra info or anything it renders it mostly useless...

OPNsense needs to get it updated with some extra reporting ASAP!

Well I think you might be a bit hard on OPNsense folks here. OPNsense is not pfSense you know.

For example, have you tried to change the log level from default (Level 1) to Query (Level 3)? It is under Advanced settings. And do not forget to turn on Log Queries.

Sorry, not trying to be hard on them.
Just think that if releasing things, there needs to be a way to properly monitor what you enable.

Well you should be able to follow the Unbound log and see what happens with every DNS request if you turn on the two properties I mentioned above.

Cheers mate.

I have already done those 2 but only log level 1, so just upped it to level 3.
Will report back if I have any more difficulties.