Search found 14 matches

by firewell
February 22nd, 2019, 12:08 am
Forum: Development
Topic: unbound - DoT
Replies: 67
Views: 7784

Re: unbound - DoT

ummeegge wrote:
February 18th, 2019, 7:23 pm
Hi all,
new version of unbound init is up.
I have this update running on one of the LAB VMs. So far so good, it survives reboots and continues working as planned. Doesn't seem to have any impact on static lease DNS lookups on the local LAN. Looking forward to C128 release!
by firewell
February 11th, 2019, 1:31 am
Forum: Development
Topic: unbound - DoT
Replies: 67
Views: 7784

Re: unbound - DoT

Thanks for the quick update. I applied this on a test VM and it appears to be working. Rebooting the VM results in DoT being used immediately after it restarts, I do not have to manually re-save a DoT entry in the WUI for changes to take effect. I also created a host alias after applying this latest...
by firewell
February 10th, 2019, 7:00 pm
Forum: Development
Topic: unbound - DoT
Replies: 67
Views: 7784

Re: unbound - DoT

More testing feedback: I do notice that when I set DoT servers via the WUI and I reboot IPfire, Unbound will only work in local-recursor mode sending plain text lookups out on Port 53. I have to go back to the DoT WUI, edit one of the existing DoT entries, and re-save it. This seems to restart Unbou...
by firewell
February 7th, 2019, 2:43 pm
Forum: Development
Topic: unbound - DoT
Replies: 67
Views: 7784

Re: unbound - DoT

Just to continue providing feedback, I'm now using the latest DoT script with IPfire 2.21 c127. The Web UI is nice but I also don't mind editing config files to get the results. Both manually editing config files and using the WebUI are giving me the same results. I say nice work! Will the WebUI DoT...
by firewell
January 25th, 2019, 1:17 am
Forum: Development
Topic: unbound - DoT
Replies: 67
Views: 7784

Re: unbound - DoT

Thank you ummeegge for your work on this! It's great to have a CLI based option so that we can start to specify our own forwarders.conf settings. I agree with you that it's good to invest in the future as DoT matures and begins to be more viable. Your efforts are appreciated, I am testing this on on...
by firewell
October 24th, 2018, 2:13 am
Forum: IPFire in General
Topic: petition: support for dns-over-tls
Replies: 12
Views: 1387

Re: petition: support for dns-over-tls

If you want to see DNS-over-TLS in IPFire, there is other ways to support this than putting more pressure on people. Are there any details on these other ways that we can use DoT on IPFire? We have another thread here where we tried to get DoT working and we cannot seem to get a functional configur...
by firewell
August 30th, 2018, 10:01 pm
Forum: IPFire in General
Topic: config unbound forward.conf
Replies: 17
Views: 3858

Re: config unbound forward.conf

Unfortunately I have not been able to make any progress on this. I see this thread has thousands of views but not many posters or support. I would be willing to test this functionality and help to validate it if the developers here would be willing to support this effort. I'm sure some of the other ...
by firewell
August 17th, 2018, 1:54 pm
Forum: IPFire in General
Topic: config unbound forward.conf
Replies: 17
Views: 3858

Re: config unbound forward.conf

Parker thanks for getting back to us. Hope you had a great holiday. :) In my config, I'm using a WAN/DHCP interface on RED, and we seem to have the same issues with DNS over TLS. Hopefully this means that the PPPoE config that you rely on isn't a factor in getting this to work correctly. From my lim...
by firewell
August 10th, 2018, 1:49 am
Forum: IPFire in General
Topic: config unbound forward.conf
Replies: 17
Views: 3858

Re: config unbound forward.conf

Thank you for posting the Calomel example, I have tried to follow it but am not having much success. I had a suspicion this would not work because IPfire seems to be doing some scripting to customize the config files and then inputting the results of those scripts into the config files on startup. B...
by firewell
August 2nd, 2018, 2:13 pm
Forum: IPFire in General
Topic: config unbound forward.conf
Replies: 17
Views: 3858

Re: config unbound forward.conf

I'm still struggling to get this working, I could use some help to see how this was resolved. Parker_lewis, do you have any hints you could give me to get me up and running? I have done the following changes: created file "/etc/sysconfig/unbound" and added "USE_FORWARDERS=0" to that file. created fi...
by firewell
August 1st, 2018, 7:56 pm
Forum: IPFire in General
Topic: config unbound forward.conf
Replies: 17
Views: 3858

Re: config unbound forward.conf

Does this mean that all settings to forward to a DNS-over-TLS provider need to be present in the /etc/sysnconfig/unbound file? I tried setting SE_FORWARDERS=0, and this forces unbound to be a local recursor and use root name servers on the net. However, if I place any .conf file in the local.d folde...
by firewell
June 18th, 2018, 11:32 pm
Forum: IPFire in General
Topic: How can we improve the IPFire Forums?
Replies: 39
Views: 4947

Re: How can we improve the IPFire Forums?

For me I don't find the current forums to be a hindrance. However, I've spent my entire internet lifetime browsing/lurking forums, so I'm used to various formats and layouts. To me, this is not the bottleneck for IPFire. Instead for me, the main areas that I think are holding the product back are as...
by firewell
June 7th, 2018, 9:50 pm
Forum: Development
Topic: Suggestion for future versions, GUI setting for Unbound DNS over TLS
Replies: 0
Views: 736

Suggestion for future versions, GUI setting for Unbound DNS over TLS

As a suggestion for future versions of IPFire, would it be possible to integrate Unbound DNS over TLS options in the GUI? Presently the GUI allows two DNS servers but uses them over standard UDP 53. I'm not aware of the ability to enable DoT on port 853 within the GUI.
by firewell
June 1st, 2018, 12:14 pm
Forum: Development
Topic: Feedback on 4.14 kernels for IPfire
Replies: 0
Views: 675

Feedback on 4.14 kernels for IPfire

Greetings, first post for me. I just wanted to post some feedback using the 4.14 Kernel that Arne F has uploaded to his IPFire profile. For me, this has been working very well and it has allowed me to use newer hardware that was not running well on the older 3.14 kernel. I recently built a new firew...