<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr"></div><div dir="ltr">Hi,</div><div dir="ltr"><br></div><div dir="ltr">You should not add these IPs to your interface or set then in unbound config.</div><div dir="ltr">Instead search for iptables redirect rule - using it you will be abble to redirect traffic to selected foreign IPs to your router IP.</div><div dir="ltr"><br></div><div dir="ltr"><br><blockquote type="cite">On 21 Mar 2024, at 20:32, Bruno Blanes via Unbound-users <unbound-users@lists.nlnetlabs.nl> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr">
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style>@font-face { font-family: "Cambria Math"; }
@font-face { font-family: Aptos; }
@font-face { font-family: "Segoe UI"; }
p.MsoNormal, li.MsoNormal, div.MsoNormal { margin: 0in; font-size: 11pt; font-family: Aptos, sans-serif; }
span.EmailStyle17 { font-family: "Segoe UI", sans-serif; color: windowtext; font-weight: normal; font-style: normal; }
.MsoChpDefault { font-size: 11pt; }
@page WordSection1 { size: 8.5in 11in; margin: 70.85pt 85.05pt; }
div.WordSection1 { page: WordSection1; }</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="font-family:"Segoe UI",sans-serif">Hi folks,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-family:"Segoe UI",sans-serif">I’ve seen a lot of home routers, mainly ZTE and D-Link, being attacked and having their LAN DNS changed to random servers with malicious intent. I am redirecting requests to those
servers into my Unbound machine and I can see the requests flow through tcpdump, however I can’t get Unbound to reply.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-family:"Segoe UI",sans-serif">I’ve set ip-freebind, but I can only get Unbound to reply if I also set the address in an interface, but this isn’t practical given that I’d have to know all malicious DNS on
the web and maintain a list of them on my interfaces.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-family:"Segoe UI",sans-serif">Have anyone done anything similar and got it working?<o:p></o:p></span></p>
</div>
</div></blockquote></body></html>