Netgate Discussion Forum

    Invalid unbound.conf / syntax error when attempting to override host via includ

      blargh

      Hi there.

      It's taken quite some work, but I've gotten as far as I can.  I'm stuck!  Please help!  I am trying to create a list of hosts that I'd like to block at the DNS layer.  I know that I can use the pfSense webUI to just add a host or domain override, but I want to do this in an automatic way and at scale.  Basically, I want to implement my own version of this block list:

      https://github.com/k0nsl/unbound-blocklist

      So, now it should be clear what I'm trying to do.
      -----

      Here's what I have done so far:

      • Via the webUI, I have added a directive to include my own config file.
      include: /var/unbound/my_blocks.conf
      
      • Via the webUI, I have added a host override for www.SomeHostToBlock.com in order to route all DNS queries for this example host to a loopback.  The last line of my host_entries.conf file looks like
      local-data: "www.SomeHostToBlock.com. A 127.0.0.1" 
      

      This works!

      
      $ dig +short www.SomeHostToBlock.com @pf_sense_ip
      127.0.0.1
      
      

      So, now I try to move the line:

      local-data: "www.SomeHostToBlock.com. A 127.0.0.1" 
      

      from the host_entries.conf file into the my_blocks.conf file.

      I do this over SSH with cp, then nano to remove all but the last line and save the file, and then I use the web UI to remove the host override / trigger a config rebuild / test.

      Here's the feedback I get:

      
      The generated config file cannot be parsed by unbound. Please correct the following errors:
      /var/unbound/my_blocks.conf:1: error: syntax error
      read /var/unbound/test/unbound.conf failed: 1 errors in configuration file
      
      

      The content of my_blocks.conf is identical to the last line of host_entries.conf before I used the webUI to remove that host override.

      SO!  My question.  Why does unbound refuse to parse my config file when I'm following the EXACT SAME pattern / using the EXACT SAME syntax that the webUI loads into host_entries.conf?

      The moment I take the line I copied from host_entries out of my_blocks (making it an empty file again), unbound no longer complains about syntax!

      What am I doing wrong / please help me get unbound successfully blocking hosts!

        blargh

        Oh hey!

        I was able to fix it.
        I'm really not sure how I missed it, but I now have added a server: line above my_blocks.

        It now reads as

        
        server:
        local-data: "www.SomeHostToBlock.com. A 127.0.0.1" 
        
        

        I no longer need to have web hosts overridden through the webUI :)

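Added example (not part of the original thread and not pfSense's own code): a POSIX shell function that turns a host list into an include file of the form shown in the last post, writing the `server:` line first and rejecting entries that are not plain hostnames, so a list entry cannot carry a quote or an extra directive into the resolver config. The function name `build_blocklist` and the input format (one hostname per line, `#` comments allowed) are assumptions.

```shell
#!/bin/sh
# Added example: build an unbound include file from a list of hostnames.
# Input  (stdin):  one hostname per line; blank lines and '#' comments are skipped.
# Output (stdout): a "server:" clause followed by one local-data line per host.
# Example call, with hosts.txt as a hypothetical input file and the include
# path taken from the post:
#   build_blocklist < hosts.txt > /var/unbound/my_blocks.conf

build_blocklist() {
    # local-data is only accepted inside a server: clause, and an included
    # file is parsed as if pasted in place, so open the clause explicitly.
    printf 'server:\n'
    # Strip CRs from lists edited on Windows, then validate line by line.
    tr -d '\r' | awk '
        {
            sub(/#.*/, "")        # drop comments
            sub(/^[ \t]+/, "")    # trim leading whitespace
            sub(/[ \t]+$/, "")    # trim trailing whitespace
        }
        $0 == "" { next }
        {
            key = tolower($0)     # DNS names are case-insensitive
            # Accept only dotted names made of letters, digits, "-" and "_".
            # Quotes, spaces and colons never match, so nothing can break
            # out of the quoted local-data string.
            if (length(key) <= 253 &&
                key ~ /^([a-z0-9_]([a-z0-9_-]*[a-z0-9_])?\.)+[a-z]([a-z0-9-]*[a-z0-9])?$/) {
                if (!seen[key]++)
                    printf "local-data: \"%s. A 127.0.0.1\"\n", $0
                next
            }
            # Report rejected lines on stderr without echoing their content.
            printf "skipped invalid entry on input line %d\n", NR | "cat 1>&2"
        }
    '
}
```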