Unbound 1.14.0rc1 pre-release
Peter Russell
jpgpi250 at gmail.com
Fri Dec 3 08:53:33 UTC 2021
RPZ question (since there are new RPZ features in 1.14.0rc1)
Pi-hole + unbound user here (currently v1.13.2), using RPZ zones, this to
ensure 'always blocked', using, for example, the list from urlhaus
When using pi-hole + unbound, unbound is used as the upstream resolver.
The developer of pihole-FTL has added code to allow detection of responses,
blocked by the upstream resolver.
Pi-hole (dnsmasq+++) can use a variety of upstream resolvers. Apparently,
when using with upstream resolver quad9, the following code allows pi-hole
to indicate the query was blocked by the upstream resolver:
https://github.com/pi-hole/FTL/blob/a296265896876ba8178aac4394df51f0c1e9cb66
/src/dnsmasq_interface.c#L2496-L2498
Question: is it possible to provide this information from unbound to
pi-hole, e.g. unset the RA bit when a query is blocked by an unbound RPZ
nxdomain reply?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20211203/a2bcc42d/attachment-0001.htm>
More information about the Unbound-users
mailing list