On 2017-02-06 at 22:43 +0000, Matt Nelson via Unbound-users wrote: > I have built a DNS filtering service using the pythonmod for unbound. > Everything is working as it should apart from the cache. I want to > disable the cache completely as I am filtering the results based on the > incoming IP address. As an example anyone from 192.168.30.20 can access > social media sites, but anyone from 192.168.30.30 is returned the IP > address of the server instead which shows a "blocked" message.
Sounds like you want to be using Views, with a `view:` block which has `view-first: yes` set, local-data: in the view providing the IP address of the server, and a set of `access-control-view:` directives putting individual IPs into that view. I'm not seeing anything under http://unbound.net/documentation/pythonmod/index.html which shows the access-control or view directives being exposed to Python. Assuming that the list of IPs is fairly dynamic, have you considered using an include directive such as: include: "/etc/unbound/python-managed.d/*.conf" and then having your Python be a standalone service to modify/create/delete one or more files in that directory based upon your site integrations, and use unbound-control to dump_cache/reload/load_cache ? I don't see unbound-control options to directly change access-control-view: options without doing a full reload. :\ -Phil
