Invalid unbound.conf / syntax error when attempting to override host via includ
-
Hi there.
It's taken quite some work, but I've gotten as far as I can. I'm stuck! Please help! I am trying to create a list of hosts that I'd like to block at the DNS layer. I know that I can use the pfSense webUI to just add a host or domain override, but I want to do this in an automatic way and at scale. Basically, I want to implement my own version of this block list:
https://github.com/k0nsl/unbound-blocklist
So, now it should be clear what I'm trying to do.
Here's what I have done so far:
- Via the webUI, I have added a directive to include my own config file.
include: /var/unbound/my_blocks.conf
- Via the webUI, I have added a host override for www.SomeHostToBlock.com in order to route all DNS queries for this example host to a loopback. The last line of my host_entries.conf file looks like
local-data: "www.SomeHostToBlock.com. A 127.0.0.1"
This works!
$ dig +short www.SomeHostToBlock.com @pf_sense_ip
127.0.0.1
So, now I try to move the line:
local-data: "www.SomeHostToBlock.com. A 127.0.0.1"
from the host_entries.conf file into the my_blocks.conf file.
I do this over SSH with cp, then nano to remove all but the last line and save the file, and then I use the web UI to remove the host override / trigger a config rebuild / test.
Here's the feedback I get:
The generated config file cannot be parsed by unbound. Please correct the following errors:
/var/unbound/my_blocks.conf:1: error: syntax error
read /var/unbound/test/unbound.conf failed: 1 errors in configuration file
The content of my_blocks.conf is identical to the last line of host_entries.conf before I used the webUI to remove that host override.
SO! My question. Why does unbound refuse to parse my config file when I'm following the EXACT SAME pattern / using the EXACT SAME syntax that the webUI loads into host_entries.conf?
The moment I take the line I copied from host_entries out of my_blocks (making it an empty file again) unbound no longer complains about syntax!
What am I doing wrong / please help me get unbound successfully blocking hosts!
-
Oh hey!
I was able to fix it.
I'm really not sure how I missed it, but I now have added a server: line above my_blocks. It now reads as
server:
local-data: "www.SomeHostToBlock.com. A 127.0.0.1"
I no longer need to have web hosts overridden through the webUI :)
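
The fix above, applied to the original goal of building the block file automatically: local-data is an option of Unbound's server: clause, so a generated include file has to open that clause itself. This is an added example, not code from the thread, pfSense or the linked block list; the names gen_blocks, sample_hosts and HOST_RE and the sample host list are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn a plain host list into an Unbound include file.
# Names and sample data are hypothetical; only the server:/local-data
# syntax and the 127.0.0.1 sink come from the thread above.

# Hostname shape: dot-separated labels of letters, digits, '-' or '_',
# at least two labels. Anything else (quotes, spaces, extra records)
# is rejected so a hostile list entry cannot inject config directives.
HOST_RE='^([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$'

# gen_blocks: read one hostname per line on stdin, write config to stdout.
gen_blocks() {
    # The clause header must come first; without it the parser reports
    # "syntax error" on line 1 of the included file.
    printf 'server:\n'
    # Strip comments, surrounding whitespace (including CR) and a trailing
    # dot, lowercase (DNS names are case-insensitive), then de-duplicate.
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e 's/\.$//' |
        tr 'A-Z' 'a-z' | sort -u |
        while IFS= read -r host; do
            [ -n "$host" ] || continue
            if printf '%s\n' "$host" | grep -Eq "$HOST_RE"; then
                printf 'local-data: "%s. A 127.0.0.1"\n' "$host"
            else
                printf 'skipped invalid entry: %s\n' "$host" >&2
            fi
        done
}

# Constructed sample input: a duplicate in different case, a comment,
# a blank line, and one entry that tries to smuggle in a second record.
sample_hosts() {
    cat <<'EOF'
# constructed sample list
www.SomeHostToBlock.com
www.somehosttoblock.com.   # same host, trailing dot

ads.example.net
bad.example.org" A 10.0.0.1
EOF
}

# Print the generated fragment; redirect to the included file to use it.
sample_hosts | gen_blocks
```

Redirecting the output to /var/unbound/my_blocks.conf produces a file of the same shape as the working one in the post above, with rejected entries reported on stderr.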