Unbound DNSBL on selection of interfaces?

Started by EdwinKM, April 10, 2022, 03:50:04 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 10, 2022, 03:50:04 PM
I use a couple of (vlan) networks.
  * guest: allow internet (everything) except rfc1918
  * media: reject rfc1819 but connected some devices (chromecast) and some regular guests on this subnet + internet.
  * lan: For my "own" networks i like to use DNSBL
 
The main problem is with "media". I want to use Unbound for dhcp static mappings but i do not want to use the DNSBL for this interface. So, forwarding (to isp or google) dns using DHCP is not really what i want.

So what to seems to be missing is a interfaces dropdown on the "Services -> Unbound DNS -> Blocklist" page? Is this even possible with unbound?
Am i missing something obvious?
April 04, 2023, 09:52:51 AM #1
Late to the game, but still: I think this would be quite a handy feature, but also am not sure if it is easily achievable with unbound.

My desired scenario would be similar: Allowing different blocklist configurations for different interfaces, so not only enable/disable DNS blocking per interface. For example, having a "global blocklist" on all interfaces (e.g. for blocking malware/phishing), and additional blocklists per interface (e.g. for blocking certain content).
April 05, 2023, 08:38:06 PM #2
You already found my bug report if i am correct.
https://github.com/opnsense/core/issues/5712#issuecomment-1495674768
April 11, 2023, 10:28:16 AM #3
Yes I did, thanks so much!
Print
Go Up Pages1
User actions