RPZ: is this config correct?
George Thessalonikefs
george at nlnetlabs.nl
Fri May 21 16:08:16 UTC 2021
Hi RayG,
It was not the same issue; Andreas hit a regression bug on the 1.13.1
release.
Your issue seems to be specifically tied with windows and TLS.
I will try to figure out why next.
Best regards,
-- George
On 11/05/2021 17:28, RayG wrote:
> Hi George,
>
> Seems people are having issues with RPZ - can you advise when my particular one will be resolved? Is it the same as the https ones reported below?
>
> Its been a while now...
>
> Thanks.
>
> Ray
>
> -----Original Message-----
> From: George Thessalonikefs <george at nlnetlabs.nl>
> Sent: 11 May 2021 11:16
> To: unbound-users at lists.nlnetlabs.nl
> Subject: Re: RPZ: is this config correct?
>
> Hi Andreas,
>
> On 11/05/2021 09:56, A. Schulze via Unbound-users wrote:
>>
>>
>> Am 10.05.21 um 23:30 schrieb A. Schulze via Unbound-users:
>>>
>>>
>>> Am 01.05.21 um 12:46 schrieb A. Schulze via Unbound-users:
>>>> HTTP works, HTTPS don't.
>>>
>>> Hello George,
>>>
>>> is there anything I could test/check/do to help?
> I am afraid not. I am currently preoccupied with another bug but will get to this right after, will let you know.
>
>>
>> Update:
>>
>> I now setup
>>
>> * a webserver that
>> - fetch https://urlhaus.abuse.ch/downloads/rpz/ hourly
>> - serve that file by http
>>
>> * an unbound instance
>> - configured to use the rpz from the http location
>>
>> Turns out: the zonefile written by unbound, *has* current data ... as
>> expected ...
>>
>> so only fetch by https is broken somehow.
> Thanks again for clarifying that!
>
> I'll try to replicate with the systems you shared (Debian Bullseye and Debian Buster) and go from there.
>
> -- George
>
>
More information about the Unbound-users
mailing list