Unbound RPZ loading with URL

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Markster

Senior Member
@juched and @Martineau do you guys know if this issue with Unbound loading rpz with url has been resolved? I checked the link @juched posted some 6 months ago https://github.com/NLnetLabs/unbound/issues/193 and the issue has been closed. However, I tried enabling unbound rpz loading with url and it still fails. I am wondering if by chance there is something else that I am missing in the config. Also, another question I have is about current setup. Is you script capable to load multiple rpz configurations if they are described in the same unbound.local.firewall file?
 

juched

Senior Member
This was only an issue when using https. I haven't tried it since. What URL are you using and what error are you seeing?

You should be able to load more than one rpz, but i could ever only source 1, which is what is there.
 

Markster

Senior Member
This was only an issue when using https. I haven't tried it since. What URL are you using and what error are you seeing?

You should be able to load more than one rpz, but i could ever only source 1, which is what is there.
Thanks. I was getting tls errors but will try with http. Thanks.
 
Last edited:

Markster

Senior Member
This was only an issue when using https. I haven't tried it since. What URL are you using and what error are you seeing?

You should be able to load more than one rpz, but i could ever only source 1, which is what is there.
Check https://block.energized.pro/ - there are a lot of rpz files to choose from depending how much and what level of protection for ads you require. Also, StevenBlack list is also available as RPZ file.

I have transitioned to use RPZ files exclusively including my own block list and whitelistings. As I started reading more about RPZ I found that it offers a lot of capabilities and functionality. For example, I have 2 separate rpz files, separating domains based on different Policy Actions. In the future I hope unbound team will introduce and support more policy triggers which would allow finer control of blocking based on client IP.
 

Markster

Senior Member
Tried rpz with url using http and https with the same results - both fail. Here is the log,
it looks like it is entware relates as I understand it works on Linux OS.

Code:
Apr 09 12:40:37 unbound[24652:0] debug: auth zone rpz.urlhaus.abuse.ch. transfer next HTTP fetch from 151.101.54.49 started
Apr 09 12:40:37 unbound[24652:0] info: mesh_run: end 0 recursion states (0 with reply, 0 detached), 0 waiting replies, 1 recursion replies sent>
Apr 09 12:40:37 unbound[24652:0] info: average recursion processing time 0.341480 sec
Apr 09 12:40:37 unbound[24652:0] info: histogram of recursion processing times
Apr 09 12:40:37 unbound[24652:0] info: [25%]=0 median[50%]=0 [75%]=0
Apr 09 12:40:37 unbound[24652:0] info: lower(secs) upper(secs) recursions
Apr 09 12:40:37 unbound[24652:0] info:    0.262144    0.524288 1
Apr 09 12:40:37 unbound[24652:0] debug: auth zone rpz.urlhaus.abuse.ch. transfer next target lookup
Apr 09 12:40:37 unbound[24652:0] debug: comm point stop listening 15
Apr 09 12:40:37 unbound[24652:0] debug: comm point start listening 15 (-1 msec)
Apr 09 12:40:37 unbound[24652:0] debug: http header: HTTP/1.1 301 Moved Permanently
Apr 09 12:40:37 unbound[24652:0] debug: http bad status 301 Moved Permanently
Apr 09 12:40:37 unbound[24652:0] debug: close fd 15
Apr 09 12:40:37 unbound[24652:0] debug: auth zone transfer http callback
Apr 09 12:40:37 unbound[24652:0] debug: http stopped, connection lost to urlhaus.abuse.ch
Apr 09 12:40:37 unbound[24652:0] debug: auth zone rpz.urlhaus.abuse.ch. transfer failed, wait
Apr 09 12:40:37 unbound[24652:0] debug: auth zone rpz.urlhaus.abuse.ch. timeout in 6 seconds
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top