Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS resolver 2.5.1 syntax error

    Scheduled Pinned Locked Moved DHCP and DNS
    7 Posts 3 Posters 836 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Mr_JinXM
      Mr_JinX
      last edited by

      Hi,

      I have upgraded from 2.4 to 2.5.1 and i noticed DNS resolver wouldn't start, it look like unbound reports a syntax error;

      (under custom options, DNS Resolver)
      local-zone: "use-application-dns.net" always_nxdomain

      Error:

      /status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:106: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1618601498] unbound[29998:0] fatal error: Could not read config file: /var/unbound/unbound.conf. Maybe try unbound -dd, it stays on the commandline to see more errors, or unbound-checkconf'

      After i removed the line resolver started, I would like to ensure the NXDOMAIN for use-application-dns.net any suggestions please

      -Chris

      1 Reply Last reply Reply Quote 0
      • Mr_JinXM
        Mr_JinX
        last edited by

        Looks like there's a setting in pfblocker-ng, under "DNSBL SafeSearch" to return NXdomain for the above plus more domains

        johnpozJ 1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @Mr_JinX
          last edited by johnpoz

          If you want to put that in the custom options.. you need the Server: in front of it..

          Example

          nxdomain.png

          If your trying to do that with pfblocker, you wouldn't need it in the options box.

          Where exactly would you set that in pfblocker, I only use the basic functions of pfblocker for some native alias stuff, and geoip aliases that I use in my rules manually.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Rebel Alliance @johnpoz
            last edited by

            @johnpoz said in DNS resolver 2.5.1 syntax error:

            I only use the basic functions of pfblocker

            We do as well, so far, but it's on page Firewall/pfBlockerNG/DNSBL/DNSBL SafeSearch on version 3.x

            Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
            Upvote ๐Ÿ‘ helpful posts!

            johnpozJ 1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator @SteveITS
              last edited by

              Which I assume you would have to enable dnsbl to function..

              Yeah I would just put it in the option box, unless you wan to use some of the dnsbl features?

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              S 1 Reply Last reply Reply Quote 0
              • S
                SteveITS Rebel Alliance @johnpoz
                last edited by

                I had a minute so decided to play on my home router. If I "Enable DNSBL" (using the non-Python method) and enable "DoH/DoT Blocking," and run an update and force reload DNSBL, the upload log has DNSBL entries but the dashboard widget shows a hover/tooltip status of "*** SQLite database missing, Force Reload DNSBL to recover! ***" which doesn't sound all that successful. :) And "use-application-dns.net" resolves.

                Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
                Upvote ๐Ÿ‘ helpful posts!

                johnpozJ 1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator @SteveITS
                  last edited by

                  Choose which you want to do - you wouldn't put that in two places.. If your going to use the pfdnsbl feature, then you wouldn't put that in your option box.

                  If your not using the dnsbl options, then you could put it in your option box.. But you need the server: line above it, as you see in my screenpic.

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.