Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Martineau

Part of the Furniture
seems this is happening when I use backspace to delete other char for other commands which I don't want use.
when i put directly correct char then it is fine.
Which SSH client are you using, and what setting do you have for the Del/Backspace keys?

upload_2020-6-16_11-49-2.png
 

tomsk

Very Senior Member
You will only need to make this change to the 2nd dnsmasq instance config file if you are using the alternate blocking list and you want those queries forwarded to unbound as an upstream resolver.

This 2nd dnsmasq conf is created by the alternate-bf.div file which is in turn called by the postconf.div file whenever the main dnsmasq is restarted. Its not dynamically created like the main dnsmasq instance so i think its ok just to replace the line in the alternate-bf.conf file and restart just the 2nd dnsmasq instance.

I had a go at it and my sed looks ok .. not sure if the 2nd instance of dnsmasq is restarting though....
EDIT: just re-read the man page and seems a SIGHUP wont load reload the config... killing it off and restarting it seems to work.... that will teach me not to read :oops:

Code:
#!/bin/sh

if [ -f /opt/share/diversion/.conf/alternate-bf.conf ];then

  if [ -n "\$(grep -E "^port: 53535" /opt/var/lib/unbound/unbound.conf)" ] && [ -n "$(grep -F "servers-file=/tmp/resolv.dnsmasq" /opt/share/diversion/.conf/alternate-bf.conf)" ];then

  sed -i 's/servers\-file\=\/tmp\/resolv\.dnsmasq/server\=127\.0\.0\.1\#53535/' /opt/share/diversion/.conf/alternate-bf.conf

  sed -i '14icache-size=0' /opt/share/diversion/.conf/alternate-bf.conf

  # kill -1 $(ps | grep "dnsmasq -C" | awk '{print $1}')   #SIGHUP

  kill -9 $(ps | grep "dnsmasq -C" | awk '{print $1}')                   #or kill process and restart?
  dnsmasq -C "/opt/share/diversion/.conf/alternate-bf.conf"

  fi
fi

i called this altdnsmasq_unbound and put it in /jffs/addons and made it executable

then just added a call to it in /jffs/scripts/dnsmasq.postconf
Code:
#!/bin/sh
. /opt/share/diversion/file/post-conf.div # Added by Diversion
sh /jffs/addons/unbound/unbound.postconf "$1"           # unbound_manager
sh /jffs/addons/altdnsmasq_unbound

I need to add the cache-size=0 directive to this too to stop the alternate dnsmasq caching replies ... any chance someone can help me with the code to insert this in the right place in the file?..... Fankyooooo!

EDIT : managed to get a solution but maybe not the best.....
Code:
sed -i '14icache-size=0' /opt/share/diversion/.conf/alternate-bf.conf

EDIT some more : amazing what a bit of sleep can do for you!... these solutions will stick the cache-size=0 below or above the server= line instead of counting the line where you want it..
Code:
sed -i '/^server\=127\.0\.0\.1\#53535/acache-size=0'  /opt/share/diversion/.conf/alternate-bf.conf
sed -i '/^server\=127\.0\.0\.1\#53535/icache-size=0'  /opt/share/diversion/.conf/alternate-bf.conf
 
Last edited:

Martineau

Part of the Furniture
mobaxterm
View attachment 24085

just checked again, this behaviour happens only when i delete "l" - then for any other command it is complaining ...
Apologies for the delay.

I've uploaded Hotfix.

v3.18
Github md5=d101a552f883495993feb43c0c03c47c
 

pattiri

Senior Member
I'm a first time Unbound user and I've used try and see method to find out lots of things for now all seems OK. I've set unbound as first DNS resolver disabled DNSmasq, enabled adblocker, webui and youtube ad blocker and my cache hit success percent: 50.85 which is not bad I guess but I have some questions. These are basics I've searched the thread but can't find, sorry about this and thanks in advance.

- I want to see the dns queries and replies in real time (like following DNSmasq logs via Diversion); I've tried verbosity as 1-4 but couldn't find the replies that contains IP addresses of the domains. For example; if I ping pastebin.com from my PC, I get reply from 104.23.98.190 but can't see 104.23.98.190 in logs

- I want to see which domains are blocked in real time. I guess by following the log the queries with "always_nxdomain" are the blocked domains. I've tried "adblock track" but it re-installs/updates the adblock and at the end saying "Logging Ad Block BLOCKED domains to log" but I couldn't see any "BLOCKED" in logs.

- If I find out a domain that is blocked how should I whitelist it? I guess I should add it to "ea"?
 

dave14305

Part of the Furniture
- I want to see the dns queries and replies in real time (like following DNSmasq logs via Diversion); I've tried verbosity as 1-4 but couldn't find the replies that contains IP addresses of the domains. For example; if I ping pastebin.com from my PC, I get reply from 104.23.98.190 but can't see 104.23.98.190 in logs
I think you want the lo and lx menu commands in the advanced menu.
 

pattiri

Senior Member
I think you want the lo and lx menu commands in the advanced menu.

For this one; dumpcache and searching cache.txt needed I guess. Here what I wanna see for www.snbforums.com from cache.txt

Code:
www.snbforums.com.    1195    IN    A    104.26.8.66
www.snbforums.com.    1195    IN    A    172.67.69.81
www.snbforums.com.    1195    IN    A    104.26.9.66
 

tomsk

Very Senior Member
Check to see if log-replies are set to yes or commented out in your unbound.conf through the v command. Im not sure if they are turned off and only log-queries are on by default if you're not using scribe...
 

ttgapers

Senior Member
Did you update Entware packages? I see a long list when I ran amtm update. I haven't updated them as yet since the last round of updates broke scribe and unbound if I remember correctly.
 

tomsk

Very Senior Member
Hmmm....my unbound seems to have crashed, and did not restart with a reboot of my router...
OOo... all on its own? ... any debug info? ... Btw ver 1.10.1 available in entware now if you want to take this moment to reinstall
 

tomsk

Very Senior Member
Did you update Entware packages? I see a long list when I ran amtm update. I haven't updated them as yet since the last round of updates broke scribe and unbound if I remember correctly.
I ran the entware upgrade and both scribe and unbound seemed to have survived the ordeal
 

tomsk

Very Senior Member
Have you updated?
Code:
unbound (pid 5138) is running... uptime: 0 Days, 00:00:07 version: 1.10.1 # rgnldo Github Version=v1.10 Martineau update (Date Loaded by unbound_manager Fri Jun 19 17:15:25 GMT 2020)
 

heysoundude

Very Senior Member
Did you update Entware packages? I see a long list when I ran amtm update. I haven't updated them as yet since the last round of updates broke scribe and unbound if I remember correctly.
OOo... all on its own? ... any debug info? ... Btw ver 1.10.1 available in entware now if you want to take this moment to reinstall

I updated entware last night and saw a similar longer than usual list...
EDIT: yes, I'm current v1.10.1
reboot and restart seem to have remedied things...yup, I'm back up. but I wonder if it'll survive an uncommanded router reboot, like from a mains power failure.
Time will tell, I suppose...
 
Last edited:

Jack Yaz

Part of the Furniture
My unbound dropped this morning; I updated Entware last night. Restarting unbound would cause it to immediately die again. I ran option i in unbound_manager to update my config (i hadn't used i for a while) and it all came back up nicely
 

Torson

Senior Member
Same as @Jack Yaz here... Running 'i' restored unbound's functionality - it now shows "version: 1.10.1 ". All good.
 

Amwjujo

Regular Contributor
Mine has crashed as well after last evening update of Entware.
I uninstalled Unbound, but now it doesn't let me install anymore.
If I check Entware version it says I am on the last version k-3.10, but if I try to update-upgrade Entware packages it comes with this error: opkg_download: Failed to download http://bin.entware.net/aarch64-k3.10/Packages.gz, wget returned 8.
Unbound install returns the fallowing error:
INSTALLing unbound
***ERROR occurred updating Entware package list

Any ideas?
I tried "i" but id doesn't work.
Thank you
 

Mutzli

Very Senior Member
I tried to update unbound from 1.10.0 to 1.10.1 but I get an error message that Entware Package could not be loaded and after this attempt Unbound was downgraded to version 1.09. What is going on?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top