Git Product home page Git Product logo

unbound's Introduction

Unbound file configuration and some others tweaks

🎯 This repository hosts a version of Unbound server for OpenBSD with some tweaks cleaning your web experience.

📝 Here the man for unbound configuration file.
📝 Here the documentation to optimize your Unbound with your ressources.
📝 Here the Response Policy Zones (RPZ) documentation.

🛡️ Secure your external DNS request with DNS over TLS, configure RPZ option and build lists for a better and more efficient (reducing your carbon impact) web experience.

Prerequisites

  • You need to have an account with doas set correctly.

  • Unbound enable and start:

    • rcctl enable unbound
    • rcctl start unbound

  • Activate modules here below in your configuration file unbound.conf:

    • module-config: "respip validator iterator"

  • Check your configuration file before reload:

    • unbound-checkconf /var/unbound/etc/unbound.conf
    • rcctl reload unbound

Usage

For unbound.conf change these values:

  • access-control: your_network_here/CIDR_prefix allow
  • interface: your_ip_here
  • private-address: your_network_here/CIDR_prefix

For unbound-ph15h1n9-001.sh update the backup path:

  • filebkp01="your_backup_path/2pz-l1s7-ph15h1n9-001.bkp"

Depend of the context but sometimes we need to play with redirect or with RPZ.

  • Redirect is used when you want to block all subdomains under a TLD, including those which do not yet exist.
  • RPZ in more fine tuning you can apply policy for eachs records, compare to redirect, if a record is not under RPZ policy, resolution is provided❗️

Redirect (2d2)

  • 2d2-l1s7-8l4ckh4t-001
    This list is a redirect receiving all TLD known as bad.
  • 2d2-l1s7-ph15h1n9-003.txt
    This list is a redirect receiving all TLD coming from 🇫🇷 SMS services not listed in the list 2d2-l1s7-ph15h1n9-001.txt.

RPZ (2pz)

Script

Blueteam - Check new settings

You can test your Unbound server configuration here:

🐡 Have fun!

unbound's People

Contributors

seheyah avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.