Unbound Blocklist - Exclude certain clients - How?

[gspannu]

I am using Unbound with its excellent native support for Blocklists, but I would like to exclude certain clients from using the blocklists... i.e. allow everything with blocking.

I am aware that I can specify some external DNS servers (e.g. 8.8.8. for these specific clients but what I want is to use the Unbound DNS resolver but bypass the adblocking for certain clients?

I think it is possible using some custom unbound configs, but am unable to  manage this?

Anyone have any ideas as to how to accomplish this with Unbound?

Code: [Select]

e.g. provide adblocking for all clients except 192.168.1.22/32, 192.168.1.33/32, 192.168.60.221/32

[doktornotor]

You can do that with views. (I fon't think it's supported via the GUI, you'd be better off using BIND.)

[gspannu]

You can do that with views. (I fon't think it's supported via the GUI, you'd be better off using BIND.)

@doktornotor
Would you be able to provide some more help? in Unbound?
Where do I create the custom file/ script?
I am happy to work with files/ scripts (non-GUI stuff) but need a bit of a start.

Assume a basic setup like:

Code: [Select]

adblocking for all clients except 192.168.1.22/32, 192.168.1.33/32, 192.168.60.221/32

[doktornotor]

There is a third-party plugin that exposes Unbound custom configuration (os-unboundcustom-maxit). If you want to use Unbound and all you want is unfiltered access for a bunch of IPs, I'd suggest running another DNS server instance (BIND, dnsmasq) on loopback and forwarding the DNS queries from those clients there.

Otherwise, IIRC the AdGuardHome plugin handles this type of functionality natively. (Never used it myself.)

[gspannu]

There is a third-party plugin that exposes Unbound custom configuration (os-unboundcustom-maxit). If you want to use Unbound and all you want is unfiltered access for a bunch of IPs, I'd suggest running another DNS server instance (BIND, dnsmasq) on loopback and forwarding the DNS queries from those clients there.

Otherwise, IIRC the AdGuardHome plugin handles this type of functionality natively. (Never used it myself.)

As I am aware, the unboundcustom-maxit is an older version of the plugin not compatible with 24.x.

I already have AGH running on another OPNsense instance.
I also have another instance running that uses Blocky (even wrote a OPNsense plugin https://github.com/gspannu/OPN-Plugins with help from mimugmail)
 --- but was just keen to use a single solution (Unbound).

Unbound is quite feature rich, with loads of support and I wanted to really utilise it as a single solution.

I can dig into views and stuff, what I need is a starting point as to where the custom config file needs to go, its basic structure, etc....

I am quite surprised no one has written a plugin for the adblocking yet - Unbound is so widely used.

[doktornotor]

I am quite surprised no one has written a plugin for the adblocking yet - Unbound is so widely used.

Uhm, but the adblocking plugin is already there. It's just - global (a python module). I don't think that integrates with views, tags or anything like that, it's just - global. https://forum.opnsense.org/index.php?topic=32242.0

Stick with AGH or other solutions suggested.