Unbound Blocklist - Exclude certain clients - How?

Started by gspannu, August 09, 2024, 04:14:10 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 09, 2024, 04:14:10 PM
I am using Unbound with its excellent native support for Blocklists, but I would like to exclude certain clients from using the blocklists... i.e. allow everything with blocking.

I am aware that I can specify some external DNS servers (e.g. 8.8.8.8) for these specific clients but what I want is to use the Unbound DNS resolver but bypass the adblocking for certain clients?

I think it is possible using some custom unbound configs, but am unable to  manage this?

Anyone have any ideas as to how to accomplish this with Unbound?

Code Select
e.g. provide adblocking for all clients except 192.168.1.22/32, 192.168.1.33/32, 192.168.60.221/32
August 09, 2024, 05:59:57 PM #1
You can do that with views. (I fon't think it's supported via the GUI, you'd be better off using BIND.)
August 09, 2024, 11:01:36 PM #2
Quote from: doktornotor on August 09, 2024, 05:59:57 PM
You can do that with views. (I fon't think it's supported via the GUI, you'd be better off using BIND.)

@doktornotor
Would you be able to provide some more help? in Unbound?
Where do I create the custom file/ script?
I am happy to work with files/ scripts (non-GUI stuff) but need a bit of a start.

Assume a basic setup like:
Code Select
adblocking for all clients except 192.168.1.22/32, 192.168.1.33/32, 192.168.60.221/32
August 09, 2024, 11:22:21 PM #3
There is a third-party plugin that exposes Unbound custom configuration (os-unboundcustom-maxit). If you want to use Unbound and all you want is unfiltered access for a bunch of IPs, I'd suggest running another DNS server instance (BIND, dnsmasq) on loopback and forwarding the DNS queries from those clients there.

Otherwise, IIRC the AdGuardHome plugin handles this type of functionality natively. (Never used it myself.)
August 10, 2024, 01:03:02 AM #4
Quote from: doktornotor on August 09, 2024, 11:22:21 PM
There is a third-party plugin that exposes Unbound custom configuration (os-unboundcustom-maxit). If you want to use Unbound and all you want is unfiltered access for a bunch of IPs, I'd suggest running another DNS server instance (BIND, dnsmasq) on loopback and forwarding the DNS queries from those clients there.

Otherwise, IIRC the AdGuardHome plugin handles this type of functionality natively. (Never used it myself.)

As I am aware, the unboundcustom-maxit is an older version of the plugin not compatible with 24.x.

I already have AGH running on another OPNsense instance.
I also have another instance running that uses Blocky (even wrote a OPNsense plugin https://github.com/gspannu/OPN-Plugins with help from mimugmail)
--- but was just keen to use a single solution (Unbound).

Unbound is quite feature rich, with loads of support and I wanted to really utilise it as a single solution.

I can dig into views and stuff, what I need is a starting point as to where the custom config file needs to go, its basic structure, etc....

I am quite surprised no one has written a plugin for the adblocking yet - Unbound is so widely used.
August 10, 2024, 08:13:12 AM #5
Quote from: gspannu on August 10, 2024, 01:03:02 AM
I am quite surprised no one has written a plugin for the adblocking yet - Unbound is so widely used.

Uhm, but the adblocking plugin is already there. It's just - global (a python module). I don't think that integrates with views, tags or anything like that, it's just - global. https://forum.opnsense.org/index.php?topic=32242.0

Stick with AGH or other solutions suggested.
Print
Go Up Pages1
User actions