Indeed, looks like the firewall got cold feet - same error messages here. Just runFurther to my earlier questions on the DNS firewall and VPN routing - see below - the DNS Firewall is now no longer working
Unbound works fine without it but if enable the Firewall then I get
I have tried hard and soft reboots (just in case), as well as option i = Update and unbound and configuration, without success - any suggestions on what I can try next?Code:
 unbound-checkconf[5209:0] error: /opt/var/lib/unbound/rpz.urlhaus.abuse.ch.zone:1154 cannot insert RR of type CNAME  unbound-checkconf[5209:0] error: error parsing zonefile /opt/var/lib/unbound/rpz.urlhaus.abuse.ch.zone for rpz.urlhaus.abuse.ch.  unbound-checkconf[5209:0] fatal error: Could not setup authority zones ***ERROR INVALID unbound configuration
Can someone help with a couple of questions - I think I have configured unbound correctly, but am not entirely sure with respect to the DNS Firewall and sending unbound requests via VPN Client.
With regards to the DNS Firewall, I can see this is enabled but there have been no hits at all since it was installed some weeks ago. Is there some way / site I can check this?
In respect of sending requests via a VPN client, in the Q&A it says
Q. Why does a DNS Leak test show my ISP assigned IP Address?
A. You are now your own recursive DNS resolver! - what other IP could possibly be shown? .... However, if you use a VPN Client, then you may opt to force unbound to bind to the VPN tunnel, so all unbound's DNS requests will be via the tunnel, so now your VPN assigned IP will be shown in a DNS Leak test.
I have most of my traffic going direct, but do have a VPN for a couple of devices. I have set unbound to use VPN 5, but in any leak test my DNS still shows as my local IP, not the VPN assigned IP - is this correct?
...and yes, the DNS shows as your local provider's IP, that's right. It means it works.