Re: Unbound 1.13.1rc1 pre-release

George Thessalonikefs via Unbound-users Mon, 22 Feb 2021 09:17:27 -0800

Hi RayG,

The log did help.
You hit a bug for an upcoming feature that verifies a zone before loading.


You can find the fixed files at:
https://nlnetlabs.nl/~george/unbound_setup_1.13.2_20210222_A.exe
https://nlnetlabs.nl/~george/unbound-1.13.2_20210222_A.zip

Additionally, using:
        domain-insecure: "URLHaus."
or
        zonemd-permissive-mode: yes
in the configuration should also bypass the issue.

-- George


On 22/02/2021 16:43, RayG wrote:

Hi George,

Thanks for the update...

I have installed that version and there is a warning in the log file after 
starting.

Is there any other information you require?

This is an entry in the URLHaus RPZ file which is not in my other list of 
excluded DNS names which does NOT return NXDOMAIN and the log file does not 
show any RPZ logging? It is still returning an IP address. So I deduce things 
are not working as expected.

C:\>dig a9ashop.com

; <<>> DiG 9.16.12 <<>> a9ashop.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54145
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;a9ashop.com.                   IN      A

;; ANSWER SECTION:
a9ashop.com.            1799    IN      A       162.241.124.73

;; Query time: 140 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Feb 22 15:23:10 GMT Standard Time 2021
;; MSG SIZE  rcvd: 56
C:\>

There is also no zonefile created.

      rpz: # MyResponsePolicyZones.conf
      name: "URLHaus"
      zonefile: "C:\ProgramData\Unbound\Logs\urlhaus.zone"
      url: "https://urlhaus.abuse.ch/downloads/rpz/";
      rpz-log: yes
      rpz-log-name: "URLHausRPZ"
      rpz-action-override: nxdomain

I hope the attached files help

RayG
-----Original Message-----
From: George Thessalonikefs <geo...@nlnetlabs.nl>
Sent: 22 February 2021 14:40
To: RayG <rgs...@btinternet.com>; unbound-users@lists.nlnetlabs.nl
Subject: Re: Unbound 1.13.1rc1 pre-release

Hi RayG,

We had a fix that may also solve the issue getting the rpz zonefile via url in 
windows 
(https://github.com/NLnetLabs/unbound/commit/bc4bdbabeab1388e41ce64714203b4fd3fab18be).

I have prepared the following for you to try on windows:
https://nlnetlabs.nl/~george/unbound_setup_1.13.2_20210222.exe
https://nlnetlabs.nl/~george/unbound-1.13.2_20210222.zip

Let me know how it goes,
-- George

On 03/02/2021 16:08, RayG wrote:

Hi George,

Ok Thanks - I was rather hoping the next update to v1.13.0 would have addressed 
the issue.  Any Ideas when?

Thanks

RayG

Re: Unbound 1.13.1rc1 pre-release

Reply via email to