Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

[Khadanja]

There is no separate 'Adblock' log.

If you enable unbound logging (I have enabled scribe) you can see the Ad Block blocked domains as 'always nxdomain' entries

e.g.

e  = Exit Script

A:Option ==> l

/opt/var/log/unbound.log (syslog-ng)        Press CTRL-C to stop

RT-AC68U unbound: [22284:0] info: device-metrics-us.amazon.com. always_nxdomain 127.0.0.1@37217 device-metrics-us.amazon.com. A IN
RT-AC68U unbound: [22284:0] info: device-metrics-us.amazon.com. always_nxdomain 127.0.0.1@56789 device-metrics-us.amazon.com. AAAA IN
RT-AC68U unbound: [22284:0] info: zemanta.com. always_nxdomain 127.0.0.1@63769 b1-chidc2.zemanta.com. A IN
RT-AC68U unbound: [22284:0] info: zemanta.com. always_nxdomain 127.0.0.1@31480 b1t-chidc2.zemanta.com. A IN

Thanks I see that now. Is there any point of having Diversion installed then? My RAM usage goes over 90% if I have Diversion enabled along with skynet & unbound. Drops to 70% after disabling Diversion. Does inbound update block list automatically?

 

[L&LD]

@Khadanja, any reason you want to 'conserve' ram?

Does the performance decrease when Diversion is enabled? Any other detrimental effects? If the effect is just more ram being put to use, there is no reason to not use Diversion.

 

[Treadler]

Thanks I see that now. Is there any point of having Diversion installed then? My RAM usage goes over 90% if I have Diversion enabled along with skynet & unbound. Drops to 70% after disabling Diversion. Does inbound update block list automatically?

Use either Diversion, or, the adblocker built into Unbound.
But not both.......
[Edit] yes, the Unbound adblocker updates itself daily so far as I know.

 

[SomeWhereOverTheRainBow]

@Khadanja, any reason you want to 'conserve' ram?

Does the performance decrease when Diversion is enabled? Any other detrimental effects? If the effect is just more ram being put to use, there is no reason to not use Diversion.

You speak in the wise parables of the RAM.

 

[Khadanja]

@Khadanja, any reason you want to 'conserve' ram?

Does the performance decrease when Diversion is enabled? Any other detrimental effects? If the effect is just more ram being put to use, there is no reason to not use Diversion.

Router GUI becomes very very slow. Almost unusable & menus don’t even load fully sometimes.

 

[^Tripper^]

Given the documented performance hit, logging should be OFF by default in 'unbound.conf', and the 'lo' ENABLE logging command is dynamic/temporary, which means a 'rs' or REBOOT should revert logging to OFF.
P.S. You can check 'unbound.conf' after a REBOOT using the 'v' command and examine the logging section and the three physical logging directives should be commented out.

Apparently not?

A reboot or 'rs' reverts to logging enabled.

Edit;
Update to 2.17 seems to have sorted this issue out thou I did have a strange error during the update that I've posted in the next...post.

 

[^Tripper^]

Update to 2.17 and this just happened;

 

[Martineau]

For those who scoff at 'paraskevidekatriaphobia' then TL;DR

......but for those that do believe, I'll tempt fate with your router "mmmmmwwwwahahahahahahaha"

I've uploaded v2.17

Version=2.17
Github md5=319192913e189773c0a5d86b73ff4149​

Use of the 'i = Update unbound Installation' **optional** see Change Log

CHANGE: @juched's Ad Block script v1.0.4 now no longer uses the 'site' config file; Download new config files unless migrate 'site' contents is deemed appropriate.

e  = Exit Script

A:Option ==> i 3

Option Auto Reply 'y' Installing Ads and Tracker Blocking.....
        adblock/gen_adblock.sh downloaded successfully
        adblock/permlist downloaded successfully
Migrating legacy 'site' config to 'blocksites/allowsites' format.....
Custom '/opt/share/unbound/configs/blocksites' already exists - 'adblock/blocksites' download skipped
Custom '/opt/share/unbound/configs/allowsites' already exists - 'adblock/allowsites' download skipped
        adblock/blockhost downloaded successfully
        adblock/allowhost downloaded successfully
Adding Ad and Tracker 'include: /opt/var/lib/unbound/adblock/adservers'
Creating Daily cron job for Ad and Tracker update
Executing '/opt/var/lib/unbound/adblock/gen_adblock.sh'.....
Removing possible temporary files..
Attempting to Download https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
######################################################################## 100.0%
Downloading User Allow List...
Combining User Custom block host...
Filtering user requested domains from adblock list...
Filtering required domains from adblock list...
Removing unnecessary formatting from the domain list...
51543 domains compiled
Generating Unbound adlist.....
Removing temporary files...
Restarting Unbound DNS server...

CHANGE: 'ec' edit Ad Block config command replaced by 'eca=Config-AllowSites' and 'ecb=Config-BlockSites' commands to manage the new Ad Block config files. (see 'gen_adblock.sh' notes for new format)
ADD: 'dumpcache [bootrest]' will now modify 'post-mount' to auto restore the saved cache during a REBOOT.
FIX: When ENABLING unbound logging etc., the cache is not saved as '/init.d/S61unbound' is called direct. Invoke 'unbound_manager restart' instead.
CHANGE: Enforce 'dos2unix' in the function download() for Github files where appropriate.

P.S. @juched perhaps it would be useful to precede the first message from 'gen_adblock.sh'

Removing possible temporary files..

with something containing the version number of the script?
e.g.

Ad Block Configuration v1.0.4 started.....

Also, (pushing my luck here ) would you consider including commented examples of the various formats of the entries currently allowed in the various config files?

i.e. it must be a bit disconcerting for novices if they decide to use say command

A:Option ==> eca

and are suddenly simply presented with an imposing blank screen.

 

[Martineau]

Update to 2.17 and this just happened;

View attachment 21886

<sigh> discussed ad nauseum....

I believe the released unbound v1.10.x addresses this annoyance (see Change Log) but since the messages ONLY seemingly appear immediately prior to the unbound restart, it clearly isn't fatal, so I can't do anything until unbound v1.10.x is finally made available in Entware to see if the issue still persists.

 

[^Tripper^]

<sigh> discussed ad nauseum....

I believe the released unbound v1.10.x addresses this annoyance (see Change Log) but since the messages ONLY seemingly appear immediately prior to the unbound restart, it clearly isn't fatal, so I can't do anything until unbound v1.10.x is finally made available in Entware to see if the issue still persists.

Must’ve missed or forgotten about it. Thank you for the explanation.

 

[rgnldo]

I made a test environment. As a contribution, here are some adblock suggestions for the adblock solution to be widely adopted by the end user:

On gen_adblock github:

In line 21: there is no need: "destinationIP =" 0.0.0.0 "

In line 60: add the option in the grinding: | grep -v "127.0.0.1" |
"0.0.0.0 foo.bar or 127.0.0.1 foo.bar" will be converted to unbound format.

In this way, it avoids any problem adding lists (aka https://hosts-file.net/ad_servers.txt) with the format 127.0.0.1 by the user.

Allowlist and permlist files serve the same purpose.

Discard those suggestions if you don't think they are relevant.

 

[SomeWhereOverTheRainBow]

I made a test environment. As a contribution, here are some adblock suggestions for the adblock solution to be widely adopted by the end user:

On gen_adblock github:

In line 21: there is no need: "destinationIP =" 0.0.0.0 "

In line 60: add the option in the grinding: | grep -v "127.0.0.1" |
"0.0.0.0 foo.bar or 127.0.0.1 foo.bar" will be converted to unbound format.

In this way, it avoids any problem adding lists (aka https://hosts-file.net/ad_servers.txt) with the format 127.0.0.1 by the user.

Allowlist and permlist files serve the same purpose.

Discard those suggestions if you don't think they are relevant.

No issues here, able to use that list just fine.

 

[rgnldo]

No issues here, able to use that list just fine.

see this list
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext

For cases of plus lists, consider using this feature, on final process

sync; echo 3 > /proc/sys/vm/drop_caches

 

[Martineau]

No issues here, able to use that list just fine.

Yup I concur, v1.0.4 copes with the list just fine, haven't fully checked the resulting ~77% increase in entries compared to the default standard list, but what do I know?

Removing possible temporary files..
Attempting to Download https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
######################################################################## 100.0%
Attempting to Download https://hosts-file.net/ad_servers.txt
######################################################################## 100.0%
Downloading User Allow List...
Combining User Custom block host...
Filtering user requested domains from adblock list...
Filtering required domains from adblock list...
Removing unnecessary formatting from the domain list...
90943 domains compiled
Generating Unbound adlist.....
Removing temporary files...
Restarting Unbound DNS server...

unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf

 

[SomeWhereOverTheRainBow]

Yup I concur, v1.0.4 copes with the list just fine, haven't fully checked the resulting ~77% increase in entries compared to the default standard list, but what do I know?

Removing possible temporary files..
Attempting to Download https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
######################################################################## 100.0%
Attempting to Download https://hosts-file.net/ad_servers.txt
######################################################################## 100.0%
Downloading User Allow List...
Combining User Custom block host...
Filtering user requested domains from adblock list...
Filtering required domains from adblock list...
Removing unnecessary formatting from the domain list...
90943 domains compiled
Generating Unbound adlist.....
Removing temporary files...
Restarting Unbound DNS server...

unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf

why go through all the work when you could just use my version
https://raw.githubusercontent.com/jumpsmm7/GeneratedAdblock/master/SeparateList/adservers.7.list

 

[L&LD]

Router GUI becomes very very slow. Almost unusable & menus don’t even load fully sometimes.

Which router are we talking about? Which browser has been tested/used? What scripts and options are you using? What firmware is running? (Please don't say 'latest').

 

[Martineau]

For cases of plus lists, consider using this feature, on final process

sync; echo 3 > /proc/sys/vm/drop_caches

Given the current kernel is 2.6.36 for the non-HND models, the legacy Kernel documentation for that era categorically states:

Formally adding this to my script ain't gonna happen based on the above.

Unless you can cite documentation/metrics to substantiate your proposal, with all due respect I suggest you keep your dubious hints and tips in your own thread.

Regards,

 

[SomeWhereOverTheRainBow]

Given the current kernel is 2.6.36 for the non-HND models, the legacy Kernel documentation for that era categorically states:

View attachment 21902

Formally adding this to my script ain't gonna happen based on the above.

Unless you can cite documentation/metrics to substantiate your proposal, with all due respect I suggest you keep your dubious hints and tips in your own thread.

Thanks for the watch out on that one
I was a few seconds from testing it.

 

[Martineau]

Thanks for the watch out on that one
I was a few seconds from testing it.

If you did decide to thoroughly test it, obviously, if you did measure significant tangible gains, then I would reconsider!

 

[dave14305]

Formally adding this to my script ain't gonna happen based on the above.

Unless you can cite documentation/metrics to substantiate your proposal, with all due respect I suggest you keep your dubious hints and tips in your own thread.

To be fair, this method is used in both Diversion and Skynet for specific purposes.