Unbound 1.13.1rc1 pre-release

George Thessalonikefs george at nlnetlabs.nl
Mon Feb 22 17:16:57 UTC 2021 

Hi RayG,

The log did help.
You hit a bug for an upcoming feature that verifies a zone before loading.

You can find the fixed files at:
https://nlnetlabs.nl/~george/unbound_setup_1.13.2_20210222_A.exe
https://nlnetlabs.nl/~george/unbound-1.13.2_20210222_A.zip

Additionally, using:
	domain-insecure: "URLHaus."
or
	zonemd-permissive-mode: yes
in the configuration should also bypass the issue.

-- George


On 22/02/2021 16:43, RayG wrote:
> Hi George,
> 
> Thanks for the update...
> 
> I have installed that version and there is a warning in the log file after starting.
> 
> Is there any other information you require?
> 
> This is an entry in the URLHaus RPZ file which is not in my other list of excluded DNS names which does NOT return NXDOMAIN and the log file does not show any RPZ logging? It is still returning an IP address. So I deduce things are not working as expected.
> 
> C:\>dig a9ashop.com
> 
> ; <<>> DiG 9.16.12 <<>> a9ashop.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54145
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ;; QUESTION SECTION:
> ;a9ashop.com.                   IN      A
> 
> ;; ANSWER SECTION:
> a9ashop.com.            1799    IN      A       162.241.124.73
> 
> ;; Query time: 140 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Mon Feb 22 15:23:10 GMT Standard Time 2021
> ;; MSG SIZE  rcvd: 56
> C:\>
> 
> There is also no zonefile created.
> 
>       rpz: # MyResponsePolicyZones.conf
>       name: "URLHaus"
>       zonefile: "C:\ProgramData\Unbound\Logs\urlhaus.zone"
>       url: "https://urlhaus.abuse.ch/downloads/rpz/"
>       rpz-log: yes
>       rpz-log-name: "URLHausRPZ"
>       rpz-action-override: nxdomain
> 
> I hope the attached files help
> 
> RayG
> -----Original Message-----
> From: George Thessalonikefs <george at nlnetlabs.nl>
> Sent: 22 February 2021 14:40
> To: RayG <rgsub1 at btinternet.com>; unbound-users at lists.nlnetlabs.nl
> Subject: Re: Unbound 1.13.1rc1 pre-release
> 
> Hi RayG,
> 
> We had a fix that may also solve the issue getting the rpz zonefile via url in windows (https://github.com/NLnetLabs/unbound/commit/bc4bdbabeab1388e41ce64714203b4fd3fab18be).
> 
> I have prepared the following for you to try on windows:
> https://nlnetlabs.nl/~george/unbound_setup_1.13.2_20210222.exe
> https://nlnetlabs.nl/~george/unbound-1.13.2_20210222.zip
> 
> Let me know how it goes,
> -- George
> 
> On 03/02/2021 16:08, RayG wrote:
>> Hi George,
>>
>> Ok Thanks - I was rather hoping the next update to v1.13.0 would have addressed the issue.  Any Ideas when?
>>
>> Thanks
>>
>> RayG
>>
>   
>

More information about the Unbound-users mailing list