Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

[Martineau]

The upgrade from 3.11b3 to 3.11 didn't show matching md5 checks. I did an 'uf' and now everything looks well with the exception of the 'grep' line mentioned by @penguin22. I do not have Diversion installed.

I really shouldn't listen to user requests...I suspect using v3.11b4 version tag is not numeric.?

I've updated v3.11 release post# to advise using 'uf' if they had installed the v3.11Beta

Anyway I've pushed v3.11 Github md5=71d024f4edfca404c5885c31d95060e7 to fix the failed detection of Diversion

Many Thanks to you and @penguin22 for reporting the error message.

 

[penguin22]

The minor update you posted appears to have resolved the grep when Diversion is not installed.

 

[tomsk]

I have a bunch of messages associated with the DNS firewall.....

May  9 17:30:05 RT-AC68U-4690 S61unbound: restart Unbound DNS server  /opt/etc/init.d/S61unbound
May  9 17:30:11 RT-AC68U-4690 (unbound_manager): 14737 unbound cache RESTORED from '/opt/share/unbound/configs/cache.txt' (2020-05-09 17:30:05)
May  9 17:31:03 RT-AC68U-4690 (unbound_rpz.sh): 15382 Reload unbound for zone named rpz.urlhaus.abuse.ch
May  9 17:45:00 RT-AC68U-4690 (unbound_rpz.sh): 18115 Attempting to Download 1 of 1 from https://urlhaus.abuse.ch/downloads/rpz/.
May  9 17:45:02 RT-AC68U-4690 (unbound_rpz.sh): 18115 Reload unbound for zone named rpz.urlhaus.abuse.ch
May  9 18:00:00 RT-AC68U-4690 (unbound_rpz.sh): 24332 Attempting to Download 1 of 1 from https://urlhaus.abuse.ch/downloads/rpz/.

anything change in that part of the code last update.... or just the url down?

 

[SomeWhereOverTheRainBow]

I have a bunch of messages associated with the DNS firewall.....

May  9 17:30:05 RT-AC68U-4690 S61unbound: restart Unbound DNS server  /opt/etc/init.d/S61unbound
May  9 17:30:11 RT-AC68U-4690 (unbound_manager): 14737 unbound cache RESTORED from '/opt/share/unbound/configs/cache.txt' (2020-05-09 17:30:05)
May  9 17:31:03 RT-AC68U-4690 (unbound_rpz.sh): 15382 Reload unbound for zone named rpz.urlhaus.abuse.ch
May  9 17:45:00 RT-AC68U-4690 (unbound_rpz.sh): 18115 Attempting to Download 1 of 1 from https://urlhaus.abuse.ch/downloads/rpz/.
May  9 17:45:02 RT-AC68U-4690 (unbound_rpz.sh): 18115 Reload unbound for zone named rpz.urlhaus.abuse.ch
May  9 18:00:00 RT-AC68U-4690 (unbound_rpz.sh): 24332 Attempting to Download 1 of 1 from https://urlhaus.abuse.ch/downloads/rpz/.

anything change in that part of the code last update.... or just the url down?

Nice..

 

[tomsk]

Nice..

Yeah a bit stange ... i restarted unbound with the rs from the menu and it seems to have stopped.... first time this happened... will keep an eye on it

 

[Martineau]

I have a bunch of messages associated with the DNS firewall.....

May  9 17:30:05 RT-AC68U-4690 S61unbound: restart Unbound DNS server  /opt/etc/init.d/S61unbound
May  9 17:30:11 RT-AC68U-4690 (unbound_manager): 14737 unbound cache RESTORED from '/opt/share/unbound/configs/cache.txt' (2020-05-09 17:30:05)
May  9 17:31:03 RT-AC68U-4690 (unbound_rpz.sh): 15382 Reload unbound for zone named rpz.urlhaus.abuse.ch
May  9 17:45:00 RT-AC68U-4690 (unbound_rpz.sh): 18115 Attempting to Download 1 of 1 from https://urlhaus.abuse.ch/downloads/rpz/.
May  9 17:45:02 RT-AC68U-4690 (unbound_rpz.sh): 18115 Reload unbound for zone named rpz.urlhaus.abuse.ch
May  9 18:00:00 RT-AC68U-4690 (unbound_rpz.sh): 24332 Attempting to Download 1 of 1 from https://urlhaus.abuse.ch/downloads/rpz/.

anything change in that part of the code last update.... or just the url down?

cru l | grep RPZ

*/15 * * * * /jffs/addons/unbound/unbound_rpz.sh download #Unbound_RPZ.sh#

 

[tomsk]

cru l| grep RPZ

*/15 * * * * /jffs/addons/unbound/unbound_rpz.sh download #Unbound_RPZ.sh#

Oooo i didn't realise it was downloading every 15 mins ... turns out that the logging to syslog-ng had stopped so i was only seeing the messages the script was generating... normally they are buried in a bunch of queries and replies .... a little knowledge is a dangerous thing

 

[glehel]

dnsmasq disable message:
Warning: 00:05:CC:3B:A4:6E (192.168.1.101) not found in 'nvram get dhcp_hostnames'
Warning: 00:06E:E5:08:E6 (192.168.1.102) not found in 'nvram get dhcp_hostnames'

does it work well regardless?

 

[figorr]

One curious thing.

I have activated the Ad and Tracker blocking, and the Youtube Ad Blocking too. And after that I rebooted the router.

Everything seems to be working ok, but ads are still there. And there is no Youtube ad blocking, because youtube ads are still appearing.

And another thing ... my Echo devices cannot connect to internet. The only way they can connect is to stop Unbound ... then plug in the Echo devices and once they are connected to internet ... then I can start Unbound again. And then Echo devices remain connected. They don't loose connection.

Diversion is disabled.

 

[juched]

@Martineau small issue with your YouTube Ad Block install. It uses the same name for the CRU command in the start-services script:

$(Smart_LineInsert "$FN" "$(echo -e "cru a adblock \"*/5 * * * *\" ${CONFIG_DIR}adblock/gen_ytadblock.sh\t# unbound_manager")" )

It should be:

$(Smart_LineInsert "$FN" "$(echo -e "cru a ytadblock \"*/5 * * * *\" ${CONFIG_DIR}adblock/gen_ytadblock.sh\t# unbound_manager")" )

Also, the regular command is missing a * for the cron time, it should be:

cru a ytadblock "*/5 * * * *" ${CONFIG_DIR}adblock/gen_ytadblock.sh

 

[Torson]

I really shouldn't listen to user requests...

May I kindly suggest you continue doing that? It looks awesome from this side

 

[Martineau]

dnsmasq disable message:
Warning: 00:05:CC:3B:A4:6E (192.168.1.101) not found in 'nvram get dhcp_hostnames'
Warning: 00:06E:E5:08:E6 (192.168.1.102) not found in 'nvram get dhcp_hostnames'

does it work well regardless?

Well if you attempted to refer to either device by name, it wouldn't be possible, however by IP address it should.....

e.g. this should work

nslookup 192.168.1.101

but what would you specify in the following command to find out what IP Address is assigned to the named device on your local domain?

nslookup ??????.AC86U.

Have you actually given a name to each of the two devices using 'dnsmasq.conf.add' or perhaps 'dnsmasq.postconf'?

 

[Martineau]

@Martineau small issue with your YouTube Ad Block install. It uses the same name for the CRU command in the start-services script:

$(Smart_LineInsert "$FN" "$(echo -e "cru a adblock \"*/5 * * * *\" ${CONFIG_DIR}adblock/gen_ytadblock.sh\t# unbound_manager")" )

It should be:

$(Smart_LineInsert "$FN" "$(echo -e "cru a ytadblock \"*/5 * * * *\" ${CONFIG_DIR}adblock/gen_ytadblock.sh\t# unbound_manager")" )

Also, the regular command is missing a * for the cron time, it should be:

cru a ytadblock "*/5 * * * *" ${CONFIG_DIR}adblock/gen_ytadblock.sh

Whoops, I knew I'd forgotten to implement the live cron job fix to v3.11

OK, thanks for keeping me honest, I've upload Hotfix

v3.11
Github md5=394d652a3eacb0dce8b2bcae08efd73a​

 

[Martineau]

One curious thing.

I have activated the Ad and Tracker blocking, and the Youtube Ad Blocking too. And after that I rebooted the router.

View attachment 23368

Everything seems to be working ok, but ads are still there. And there is no Youtube ad blocking, because youtube ads are still appearing.

And another thing ... my Echo devices cannot connect to internet. The only way they can connect is to stop Unbound ... then plug in the Echo devices and once they are connected to internet ... then I can start Unbound again. And then Echo devices remain connected. They don't loose connection.

Diversion is disabled.

Apologies , there is a typo in the cron schedule preventing the every 5 minute job from constantly monitoring/refreshing the dynamic YT Ad Servers list.

Please ensure you download the latest v3.11 Hotfix and follow the instructions in the v3.11 post#

 

[ugandy]

just noticed that when I do nslookup from my PC, it is querying 192.168.50.1 as DNS as expected.
but when i do nslookup on a ssh session in the router, my ISP dns is being queried instead.
is this expected?

 

[netware5]

just noticed that when I do nslookup from my PC, it is querying 192.168.50.1 as DNS as expected.
but when i do nslookup on a ssh session in the router, my ISP dns is being queried instead.
is this expected?

Yes, it is expected, unless you check "Use local caching DNS server as system resolver=YES"

 

[Chris0815]

Really impressive what you guys have made out if unbound within the last weeks! Its surprising every evening as soon as I am able to use it and test your new features... Is there a possibility to donate for your work?

 

[Chris0815]

just noticed that when I do nslookup from my PC, it is querying 192.168.50.1 as DNS as expected.
but when i do nslookup on a ssh session in the router, my ISP dns is being queried instead.
is this expected?

Yes, as stated by @netware5, but you can use

dig www.Domain.com @192.168.50.1

to ask directly the Router during SSH.

 

[tomsk]

when switching from dnsmasq/diversion to unbound/adblocking i noticed that the youtube ad scripts is downloaded along with the adblock script. Using the ? i get informed the youtube ad blocking is active

[✔] YouTube Ad Blocking .....Please play YouTube video to acquire YouTube Ad Server IP Address

But the cron job isn't installed and typing youtube at the prompt offers to install it.

 

[Martineau]

when switching from dnsmasq/diversion to unbound/adblocking i noticed that the youtube ad scripts is downloaded along with the adblock script. Using the ? i get informed the youtube ad blocking is active

[✔] YouTube Ad Blocking .....Please play YouTube video to acquire YouTube Ad Server IP Address

But the cron job isn't installed and typing youtube at the prompt offers to install it.

Thanks for the bug report.

I've uploaded v3.11 Hotfix

v3.11
Github md5=5c965a9dc7662e3644d9d3d3d01886eb​

Hotfix: Remove duplicate YouTube Video Ad Block script download during Ad Block install.
        YouTube Video Block refresh cron job will be lost after a reboot as cron not added to services-start.