Supported unbound blocklist formats ?

Started by guest41684, December 14, 2023, 05:38:41 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 14, 2023, 05:38:41 PM
Hi everyone,

I'm currently using the latest business version of opnsense (just to support the project, I use it for my home network)
and today I realized that some of the external blocklists I added to unbound are not being loaded when they use the actual unbound blocklist style.

E.g.
https://github.com/hagezi/dns-blocklists/blob/main/unbound/doh.blacklist.conf

Code Select
local-zone: "some-domain.com." always_nxdomain

So it seems that that format is not supported by opnsense, while when adding the entries manually as a custom configuration through the CLI they work as expected.

So far I was unable to find a list of supported formats / syntax in the docs.

Does anyone know where I can find the documentation for that ?

Also, can we assume that the formats used by the included blocklists are supported ?


December 14, 2023, 05:51:55 PM #1
Hi
iirc OPN now supports wildcard lists. like
https://github.com/hagezi/dns-blocklists/blob/main/wildcard/doh.txt
December 15, 2023, 08:44:55 AM #2
I can confirm this. Previously, OPNsense used to support the 'hosts' format, which still works, but recently the 'wildcard asterisk' format got also supported. This is quite a bit faster in loading and processing because the lists themselves are more compact.
In theory there is no difference between theory and practice. In practice there is.
December 15, 2023, 11:51:15 AM #3
Hi @Fright & @dinguz


thank you for your help  :) , I can confirm that the wildcard versions of HaGeZi's blocklists work perfectly
even the ultimate list with around 400k entries loads quite fast on my DEC695.

E.g. log entry for the ultimate list

Code Select
blocklist: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/ultimate.txt (exclude: 8 block: 461027 wildcard: 461027)
Print
Go Up Pages1
User actions