unbound.conf:104: error: syntax error


  • 2.4.5-RELEASE-p1 (amd64)

    I was running 3 packages up until today at which point I removed pfblocker-devel as I thought this was the reason for my problem.

    I also run iperf3 and openvpn-export packages.

    I noticed pfblocker-devel needed an update a few days ago. Today I logged into SSH via my OpenVPN to clean up some old static IP that are no longer needed.

    I noticed unbound wasn't running. When I tried starting it I got some errors. I disabled pfblocker and unticked the 'save settings' option. Then removed the package completely.

    I've spent 4 hours trying to fix this today and I'm no closer.

    Somehow I got unbound to start but whenever I try to make particular changes to unbounds settings (forwarding mode for example) I get the following after clicking save.

    The following input errors were detected:

    The generated config file cannot be parsed by unbound. Please correct the following errors:
    /var/unbound/test/unbound.conf:104: error: syntax error
    read /var/unbound/test/unbound.conf failed: 1 errors in configuration file

    My unbound.conf is as follows;

    ##########################

    Unbound Configuration

    ##########################

    Server configuration

    server:

    chroot: /var/unbound
    username: "unbound"
    directory: "/var/unbound"
    pidfile: "/var/run/unbound.pid"
    use-syslog: yes
    port: 53
    verbosity: 1
    hide-identity: no
    hide-version: no
    harden-glue: yes
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: yes
    do-daemonize: yes
    module-config: "iterator"
    unwanted-reply-threshold: 0
    num-queries-per-thread: 4096
    jostle-timeout: 200
    infra-host-ttl: 900
    infra-cache-numhosts: 10000
    outgoing-num-tcp: 10
    incoming-num-tcp: 10
    edns-buffer-size: 1232
    cache-max-ttl: 86400
    cache-min-ttl: 0
    harden-dnssec-stripped: no
    msg-cache-size: 4m
    rrset-cache-size: 8m

    num-threads: 4
    msg-cache-slabs: 4
    rrset-cache-slabs: 4
    infra-cache-slabs: 4
    key-cache-slabs: 4
    outgoing-range: 4096
    #so-rcvbuf: 4m

    prefetch: no
    prefetch-key: no
    use-caps-for-id: no
    serve-expired: no

    Statistics

    Unbound Statistics

    statistics-interval: 0
    extended-statistics: yes
    statistics-cumulative: yes

    TLS Configuration

    tls-cert-bundle: "/etc/ssl/cert.pem"

    Interface IP(s) to bind to

    interface-automatic: yes
    interface: 0.0.0.0
    interface: ::0

    Outgoing interfaces to be used

    DNS Rebinding

    For DNS Rebinding prevention

    private-address: 127.0.0.0/8
    private-address: 10.0.0.0/8
    private-address: ::ffff:a00:0/104
    private-address: 172.16.0.0/12
    private-address: ::ffff:ac10:0/108
    private-address: 169.254.0.0/16
    private-address: ::ffff:a9fe:0/112
    private-address: 192.168.0.0/16
    private-address: ::ffff:c0a8:0/112
    private-address: fd00::/8
    private-address: fe80::/10

    Access lists

    include: /var/unbound/test/access_lists.conf

    Static host entries

    include: /var/unbound/test/host_entries.conf

    dhcp lease entries

    include: /var/unbound/test/dhcpleases_entries.conf

    Domain overrides

    include: /var/unbound/test/domainoverrides.conf

    Forwarding

    forward-zone:
    name: "."
    forward-addr: 1.1.1.2
    forward-addr: 1.0.0.2

    Unbound custom options

    private-domain: "plex.direct"

    Remote Control Config

    include: /var/unbound/test/remotecontrol.conf


  • This :

    @chrisgtl said in unbound.conf:104: error: syntax error:

    /var/unbound/test/unbound.conf:104: error: syntax error

    has several clues.

    The "/test/" is something you could use on the forum for a Search. You find many references to your error (but I never really understood what was happening - I never saw these /test/ issues ).

    Line 104 doesn't exist in the config file you showed, which could indicate something isn't quoted correcly, or a user defined (name) field uses accents, etc.

    Check also :
    Free space on /var/unbound/
    Do a file system check (see the Netgate's video on Youtube about this )


  • Hello!

    Try :

    server:private-domain: "plex.direct"

    in your custom options.

    Adding, updating, or removing pfb can mess with your custom options, especially if you are depending on the "server" clause from pfb for your own custom directives.

    John


  • @serbus : I guess you nailed it.

    pfBlockerNG-devel 'thinks' it's the only one filling in this box :

    3c16adb2-47be-49f4-bf41-3d8f59d1353e-image.png

    other lines, entered by the admin, could be there also.

    This should be checked, as the format ( == syntax) is very important.


  • @serbus perfect! Thank you so much for helping me.