DNS Unbound Blacklist Update?

Started by pheriko, April 20, 2025, 05:23:09 AM

Hi.

I have these questions related to the blacklist feature:

1) If I detect a false positive, and whitelist that domain on the GUI, do I need to run a command or restart the service to apply my new whitelist?
2) If we enable cron to update the list(s), do we have a report/status about whether the update(s) were good or not?
3) Is there a way to override the blacklist for specific IPs on my LAN, let's say I don't want the service to apply the blacklist for X LAN IP?

Thanks.


No, you don't usually have to restart Unbound when you add stuff to whitelists. If your machine is unable to access domains you whitelist, you need to flush DNS records on that machine (on Windows, you do that by opening the command prompt and typing the command "ipconfig /flushdns" without quotation marks).

Cron tasks (like almost everything) are logged and you can view them from logs (there is no status page for it, you have to either check the logs under general logs or unbound logs, or read the correct log file on console. You can use filters and search using keywords.)

If by overriding blacklists you mean allowing you to access websites containing adult material while blocking your kids from gaining access to those websites, I would recommend using Zenarmor. I don't know if Unbound can do that, but BIND can. BIND is just a bit more complicated to set up than Unbound is, and I wouldn't use it on OPNsense if I didn't have to host a local DNS zone.

Hi Vilhonator.

I had found the logs about cron, those are in the Unbound DNS logs, whitelist clear as water. Correct, looks like we don't have an option to exclude IPs from the BL stuff.

Thanks for your help.