Unbound resolver error: Can't assign requested address for 127.0.0.1
-
Rename them in case :
mv /var/unbound/unbound_control.key /var/unbound/backup_unbound_control.key mv /var/unbound/unbound_control.pem /var/unbound/backup_unbound_control.pem mv /var/unbound/unbound_server.key /var/unbound/backup_unbound_server.key mv /var/unbound/unbound_server.pem /var/unbound/backup_unbound_server.pemrestart unbound, it should start, if not ... then move them back.
to remove them it's :rm /var/unbound/unbound_server.pemAlso it's better to access the webgui with the pfsense IP address instead of using it's domain name when stopping and restarting DNS resolver.
-
@RonpfS
unbound restarted ok, without any errors, but the DNSBL was still unable to reload without the error.
pfblockerng4.txtI use the IP of Pfsense whenever I log into the web GUI, not sure why it uses the domain name when logging into shell
-
What other packages are you using? Bind will conflict with unbound and if you use Service Watchdog make sure it does not monitor unbound.
-
This post is deleted! -
Well ... I have no more clue why it doesn't reload unbound.
Maybe disable all feeds excepts Ads ?What does ls -al /var/unbound look like now ?
-
@RonpfS I placed the result of the rebuilt key and pem files, as well as how /var/unbound looks in my last post(out on lunch and on mobile, sorry)
@Grimson the one thing I find odd is it just started this over the weekend, after a power outage. It has been fine for the last 6 months, without any issue. I do not have bind,and have made sure that unbound is not being monitored by service watchdog. I have the regularly installed packages like pfblockerng-devel, snort, etc.
-
@themadsalvi said in Unbound resolver error: Can't assign requested address for 127.0.0.1:
@Grimson the one thing I find odd is it just started this over the weekend, after a power outage.
So did you run fsck on the filesystem? https://docs.netgate.com/pfsense/en/latest/hardware/troubleshooting-disk-check-errors-fsck.html#manually-run-fsck
I have the regularly installed packages like pfblockerng-devel, snort, etc.
There are no regularly installed packages, a regular install comes without additional packages. So always mention the packages you are using when asking for help.
If following the above to check the filesystem doesn't work grab a config backup and do a fresh install to make sure the installation is in a good state.
-
@Grimson iplaced some screenshots from my mobile in my previouspost. Fsck says that /dev/zroot/ROOT cannot be opened since there is no file or directory present
-
@themadsalvi said in Unbound resolver error: Can't assign requested address for 127.0.0.1:
@Grimson iplaced some screenshots from my mobile in my previouspost. Fsck says that /dev/zroot/ROOT cannot be opened since there is no file or directory present
https://www.freebsd.org/doc/handbook/zfs-zpool.html#zfs-zpool-status
https://www.freebsd.org/doc/handbook/zfs-zpool.html#zfs-zpool-scrub -
It looks like it found no errors in the pool. I even ran the scrub with no errors found.
-
To be honest, from what I can see your installation is a mess. For example you have both snort and suricata installed. Best suggestion is for you to document what you are currently using (and what not). Then start with a fresh clean install, don't restore the config do the setup bit by bit yourself and watch where it breaks.
-
@Grimson I will have to do that when I get home. I guess I have been lucky in that it has worked flawlessly for the last 6 months(SInce I installed it). It was bound to break eventually. Strangely, I can still surf the internet fine(I am writing from the network that has Pfsense firewall), and use streaming services like netflix.
-
You can always try to remove pfblocker lists by unticking pfBlockerNG & Keep Settings :
Note: To clear all downloaded lists, uncheck these two checkboxes and 'Save'. Re-check both boxes and run a 'Force Update|Reload'
-
@RonpfS Uninstall, and then installed. This happened
-
Saw this :
[ Windows_hosts_block ] Downloading update [ 03/26/19 12:04:08 ] .. 404 Not FoundPossible to remove that feed ?
(or am I to late already ?)No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
@themadsalvi So that is the output of a Force Update after Disabling pfblockerng and Save settings,
Now when you tick both setttings, do a Force Update, then a Force Reload all. -
@Gertjan said in Unbound resolver error: Can't assign requested address for 127.0.0.1:
Possible to remove that feed ?
Well the feed would be empty and would not prevent rebuilding the pfb_dnsbl.conf
-
-
@themadsalvi said in Unbound resolver error: Can't assign requested address for 127.0.0.1:
@RonpfS That is the output of fully removing and re-installing pfblocker, with the keep settings unticked.
Well let us know what happens when you add a DNSBL table.
-
@RonpfS If I do a force update and force reload with a list or two it does the following:
UPDATE PROCESS START [ 03/26/19 14:48:53 ]
===[ DNSBL Process ]================================================
[ 1 ] Downloading update .. 200 OK
No Domains Found[ shalla ] Downloading update [ 03/26/19 14:49:03 ] .. 200 OK.
Orig. Unique # Dups # White # Alexa Final
19567 19567 0 0 0 19567
DNSBL: Flush DNSBL_IP
Assembling database... completed
Validating database... Skipped
Reloading Unbound... Failed to Reload... Restoring previous database.... Not completed.*** DNSBL update [ 0 ] [ 19567 ] ... OUT OF SYNC ! ***
===[ Continent Process ]============================================
===[ Aliastables / Rules ]==========================================
No changes to Firewall rules, skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update===[ FINAL Processing ]=====================================
[ Original IP count ] [ 0 ]
===[ DNSBL Domain/IP Counts ] ===================================
19567 /var/db/pfblockerng/dnsbl/shalla.txt
IPv4 alias tables IP count
1
IPv6 alias tables IP count
0
Alias table IP Counts
1 /var/db/aliastables/pfB_DNSBLIP.txtpfSense Table Stats
table-entries hard limit 400000
Table Usage Count 109283UPDATE PROCESS ENDED [ 03/26/19 14:49:07 ]
