Unbound /resolver broke
-
2.2-BETA (amd64)
built on Fri Nov 14 07:17:32 CST 2014
FreeBSD 10.1-RELEASE
was using it now get this since last couple of daysNov 14 14:53:30 php-fpm[24580]: /services_unbound.php: The command '/usr/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:91: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1415994810] unbound[40993:0] fatal error: Could not read config file: /var/unbound/unbound.conf'
-
it's being worked on today.
-
Nov 14 22:39:07 php-fpm[7768]: /services_unbound.php: The command '/usr/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:93: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1416022747] unbound[10518:0] fatal error: Could not read config file: /var/unbound/unbound.conf'
lastest snapshot
2.2-BETA (amd64)
built on Fri Nov 14 16:22:56 CST 2014
FreeBSD 10.1-RELEASE -
not seeing any issues like that. What is line 93 in your /var/unbound/unbound.conf file?
-
When doing the recent change to actually implement the unbound advanced options, I noticed that the text that a user puts in the Advanced box (which becomes the custom-options section) is implemented by the underlying code putting each white-space-separated bit (each word) onto a separate line in the unbound config. That seemed a bit of an odd thing to do, but I did not like to change that code!
Prior to my "fixes" the text in the Advanced box was stored in the pfSense config, but never actually made it into unbound.conf
Now that it gets into unbound.conf people will see errors if it is wrong.
Perhaps first remove anything in the Advanced box and see if that helps.
Then someone can fix up/sort out in what form the Advanced box text should be written to unbound.conf -
this auto populates advanced box
statistics-interval: 300;statistics-cumulative: no;extended-statistics: yes
Nov 15 13:56:25 php-fpm[25032]: /services_unbound.php: The command '/usr/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:93: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1416077785] unbound[27189:0] fatal error: Could not read config file: /var/unbound/unbound.conf'
##########################
Unbound Configuration
##########################
Server configuration
server:
chroot: /var/unbound
username: "unbound"
directory: "/var/unbound"
pidfile: "/var/run/unbound.pid"
use-syslog: yes
port: 53
verbosity: 3
hide-identity: no
hide-version: no
harden-referral-path: no
harden-glue: yes
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
do-daemonize: yes
module-config: "validator iterator"
unwanted-reply-threshold: 0
num-queries-per-thread: 1024
jostle-timeout: 200
infra-host-ttl: 900
infra-lame-ttl: 900
infra-cache-numhosts: 10000
outgoing-num-tcp: 10
incoming-num-tcp: 10
edns-buffer-size: 4096
cache-max-ttl: 86400
cache-min-ttl: 0
harden-dnssec-stripped: no
msg-cache-size: 4m
num-threads: 2
msg-cache-slabs: 4
rrset-cache-slabs: 4
infra-cache-slabs: 4
key-cache-slabs: 4
rrset-cache-size: 8m
outgoing-range: 462
#so-rcvbuf: 4m
auto-trust-anchor-file: /var/unbound/root.key
prefetch: yes
prefetch-key: yesStatistics
Unbound Statistics
statistics-interval: 0
extended-statistics: yes
statistics-cumulative: yesInterface IP(s) to bind to
interface: 192.168.35.1
interface: 127.0.0.1
interface: ::1Outgoing interfaces to be used
outgoing-interface: 174.130.18.151
outgoing-interface: 209.105.185.108DNS Rebinding
For DNS Rebinding prevention
private-address: 10.0.0.0/8
private-address: 172.16.0.0/12
private-address: 192.168.0.0/16
private-address: 192.254.0.0/16
private-address: fd00::/8
private-address: fe80::/10Set private domains in case authoritative name server returns a Private IP address
Access lists
include: /var/unbound/access_lists.conf
Static host entries
include: /var/unbound/host_entries.conf
Domain overrides
include: /var/unbound/domainoverrides.conf
Forwarding
forward-zone:
name: "."
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4Unbound custom options
statistics-interval:
300;statistics-cumulative:
no;extended-statistics:
yesRemote Control Config
include: /var/unbound/remotecontrol.conf
-
all i know was my config was working just fine on weds 11/5 snapshot upgraded to fri and had to enable forwarder for dns
-
The code Phil referenced was a copy/paste from dnsmasq, which uses its advanced field differently since it needs those as command line arguments, not in a conf file. The problem was your advanced options were never used prior to a few days ago, and once that was fixed, they were put in wrong. That did need to be output differently.
I just pushed a fix for that. gitsync or upgrade to a snapshot on the 16th or newer and you should be in good shape.