Unbound custom zone files

Started by derhelge, August 28, 2024, 09:09:09 AM

Hello everyone,

In the documentation [1], I read about how custom configurations for Unbound can be stored. But how can entire zone files be included in the chroot environment?

Background: I want to do DNS RPZ zone transfer with a shared secret. Since Unbound apparently cannot do this on its own, a workaround via dig [2] is necessary:

shell:
dig -y "hmac-sha512:rpz.nlnetlabs.nl.:<key>" @nlnetlabs.nl rpz.nlnetlabs.nl AXFR > rpz.nlnetlabs.nl


A config extension should include the following points:

server:
    module-config: "respip validator iterator"
rpz:
    name: rpz.nlnetlabs.nl
    zonefile: rpz.nlnetlabs.nl


But how do I get the zone files copied to /var/unbound?

Many thanks,
Helge

[1] https://docs.opnsense.org/manual/unbound.html#advanced-configurations
[2] https://github.com/NLnetLabs/unbound/issues/336
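The dig workaround described in the post, as an added example that is not part of the original post and not OPNsense or Unbound project code: shell functions that run the transfer with the TSIG key read from a file, reject a dump that is not a complete AXFR, and place the result in the zone directory by rename. The function names, the key file path and the 644 file mode are assumptions; how the job is scheduled on OPNsense is not covered.

```shell
#!/bin/sh
# Added example; function names and the key file are assumptions.

# fetch_zone KEYFILE SERVER ZONE OUT: same AXFR as in the post, but with the
# TSIG key read from a file (dig -k) so it stays out of the process list.
# KEYFILE is a hypothetical path to a named.conf-style key statement.
fetch_zone() {
    dig -k "$1" @"$2" "$3" AXFR > "$4"
}

# axfr_is_complete FILE: true only if the first and last records are the same
# SOA, which is how a complete AXFR is framed. Comment lines written by dig
# (";...", e.g. "; Transfer failed.") and blank lines are skipped.
axfr_is_complete() {
    awk '
        /^[ \t]*(;|$)/ { next }
        { $1 = $1; n++; last = $0 }
        n == 1 { first = $0; ftype = $4 }
        END { exit !(n >= 2 && ftype == "SOA" && first == last) }
    ' "$1"
}

# install_zone SRC DEST_DIR NAME: validate, then copy to a temp file in
# DEST_DIR and rename, so a reader never sees a partial or failed transfer.
# Mode 644 assumes the resolver's user must be able to read the file.
install_zone() {
    axfr_is_complete "$1" || { echo "incomplete transfer: $1" >&2; return 1; }
    tmp=$(mktemp "$2/.$3.XXXXXX") || return 1
    if cp "$1" "$tmp" && chmod 644 "$tmp" && mv -f "$tmp" "$2/$3"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# demo: constructed sample data, run in a throwaway directory.
demo() {
    d=$(mktemp -d) || return 1
    soa='rpz.example.\t3600\tIN\tSOA\tns.example. host.example. 1 3600 600 86400 60\n'
    printf "${soa}bad.test.rpz.example.\t3600\tIN\tCNAME\t.\n${soa}" > "$d/ok"
    printf '; Transfer failed.\n' > "$d/failed"
    install_zone "$d/ok" "$d" rpz.example && ! install_zone "$d/failed" "$d" x 2>/dev/null
    rc=$?; rm -rf "$d"; return $rc
}
```

The content check matters because the shell redirection leaves a file behind even when the transfer fails, and installing that file would replace the previous policy zone.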