[Feature] Unbound Dns request.
-
@e0x said in [Feature] Unbound Dns request.:
https://github.com/NLnetLabs/unbound
Not sure what you are asking here as Unbound is clearly baked-in to pfSense. Do you think there is a feature missing from pfSense's Unbound that is present in the GitHub repository version?
The DNS Resolver in pfSense
software utilizes unbound, which is a validating, recursive, caching DNS resolver that supports DNSSEC, DNS over TLS, and a wide variety of options. It can act in either a DNS resolver or forwarder role.https://docs.netgate.com/pfsense/en/latest/services/dns/resolver-config.html
️ -
@RobbieTT Thanks! I missed that info!
And what about this:
https://github.com/crowdsecurity/crowdsecI think is not necessary another IPS, but I leave here If something consider that is more robust or good tan Snort or Suricata.
Thank you again.
All the best.
-
@e0x said in [Feature] Unbound Dns request.:
https://github.com/crowdsecurity/crowdsec
Open a feature request: https://redmine.pfsense.org/
Since there's already a FreeBSD pkg it would not be that hard. But developer time is, always, very limited.
Steve
-
@stephenw10 - If/when Snort leaves the building the option to have Suricata plus "another" within pfSense would seem wise; but for now it probably isn't worth dev time.
Of course, if there is upstream dev time going spare they could focus on multicore PPPoE support. Just saying...
️ -
-
@MoonKnight said in [Feature] Unbound Dns request.:
https://github.com/crowdsecurity/pfSense-pkg-crowdsec
Huh, OK. I expect that to be a feature request on redmine then (I did search). You have a pull request open for us?
-
@stephenw10 Here
https://redmine.pfsense.org/issues/14712 -
@RobbieTT said in [Feature] Unbound Dns request.:
@e0x said in [Feature] Unbound Dns request.:
https://github.com/NLnetLabs/unbound
Not sure what you are asking here as Unbound is clearly baked-in to pfSense. Do you think there is a feature missing from pfSense's Unbound that is present in the GitHub repository version?
The DNS Resolver in pfSense
software utilizes unbound, which is a validating, recursive, caching DNS resolver that supports DNSSEC, DNS over TLS, and a wide variety of options. It can act in either a DNS resolver or forwarder role.https://docs.netgate.com/pfsense/en/latest/services/dns/resolver-config.html
️And thinking about this, is a bad idea if the dns resolver have some lists to block ads a so on?
-
@e0x huh? Not sure what your saying is a bad idea? Unbound?
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@e0x said in [Feature] Unbound Dns request.:
️And thinking about this, is a bad idea if the dns resolver have some lists to block ads a so on?
I know you aimed this at me but I have no idea what you are on about. I mean, literally no idea at all.
️ -
Just wait. He not yet aware that pfSense has pfBlockerng.
-
Sorry for my bad English, I write without translator.I mean to say, if the DNS resolver have an option that includes lists to blocks ads, malware, etc., via DNS without necessary to install any other package for this purpose.
-
You can add lists directly as custom config in Unbound. But it's a lot easier using pfBlockerNG!
-
@e0x said in [Feature] Unbound Dns request.:
if the DNS resolver have an option that includes lists to blocks ads
It does.. but you would have to do some manual work.. Couple different ways to do it - you can just create a host override for what you want to block..
you can create a redirect entry if you want to block anything for a whole domain. Or a always_nxdomain or always null, there are few options... Vs putting all of them in the custom options box, you can load from a file, etc.
But if your desire it to do dns blocking - the pfblocker makes it much easier to do..
-
@johnpoz Any way to block first party ads like Yuotube? I have pfBleckerNG, but is not sufficient.
I hate to see this XD
Well thanks to all.
-
@e0x blocking youtube ads can be a bit more complicated than blocking adserver.domain.tld
Not really a youtube user, not like I don't ever view youtube stuff - but I have not noticed enough ads that took me out of my way to blocking anything specific. Not exactly sure what your wanting to block there..
Are you wanting to block what you tube recommends?
-
@johnpoz said in [Feature] Unbound Dns request.:
Are you wanting to block what you tube recommends?
No, I post the screenshot that shows the ads what I see when open YouTube. You don't have these ads.
II know is easier to use an addon in the browser. Well i suppose I have more nothing to say about this topic so thanks to all you guys.
All the best.
-
@e0x said in [Feature] Unbound Dns request.:
You don't have these ads.
No I do not think so - I posted what I see when I go to where I think your going.. But again not really a huge youtube guy ;)
I get the Star trek and dead stuff it showing - as related to stuff I might view on youtube - the weird al stuff is a mystery to me why its showing that ;)
-
@e0x said in [Feature] Unbound Dns request.:
You don't have these ads.
I use pfBlockerNG as well as browser ad blocking add on...I don't get any ads. However, if I watch YouTube on Android TV box, no way to block the ads so that device is rarely used.
-
@NollipfSense said in [Feature] Unbound Dns request.:
browser ad blocking add on
uBLock Origin default settings + oisd big list is pretty good..
dead on arrival, nowhere to be found.
