From patchwork Mon Apr 27 22:23:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Giovanni Aneloni X-Patchwork-Id: 3018 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 499zpK0FKXz3xQy for ; Mon, 27 Apr 2020 22:24:09 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 499zpH3WfBzdp; Mon, 27 Apr 2020 22:24:07 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 499zpG6P9vz2y3Z; Mon, 27 Apr 2020 22:24:06 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 499zpF49K2z2y3Z for ; Mon, 27 Apr 2020 22:24:05 +0000 (UTC) Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05olkn20821.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1b::821]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 499zpD4lNCzdp for ; Mon, 27 Apr 2020 22:24:04 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nQPz+E9BKsnLG+4KT8Ksk7AEod079SRlUl08RHdChFvrkXEdLZoNkNF46b0Mi7gPH/4X2s631GaHQE2S8ecU5lliMRo29BjMAf8vP/ThKx4oWPyOInrLZNcxtmes6n0cqJl5NlAJOPdAuR3IQ7rxLWbqR1F4Kst5D/3JOWhaRcd8CI4a79WuxU2TtYu6TDL8websX1N4tFwS5tVAwx95fDWT40JEV4ZBJKRpE1tzPBpfVlL4+wG3PRVhrpBsbSJE+igEnciLbRscaFJ5I1BVlwF049eGYs0usr/9Al1jXGubuXhFTKMo8Ta02/m5ZiL+Q5UCq8y0hwpg6XzJ528vHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zSUbP5TxpORysOWY/YTJzfnpVeaIhrs7kIqbzQVLeRg=; b=HAnAq+vQCIqAyN4KYBQv3eDyYISru6hcwafMuyMNvmWr125rjjs8LQvetcv/vAAFf3pi39BYUUSKrjzTs4iLy5f78wCIztEAeChoVLV5gP/MNDrTVcRaO/qHUHsCEuztXdTnNyrhSQMtA/exzOmXd9umgNPyouDghTX3urSSd4I0d/oWAHRxovQfoAv/3r1gQxaMNFv2dZEM9khnti96cME0una/qfWufvOE4bk67DFLjfb7a3IHrH0ps6JOY2gmDtAc2sxcSq56GQ7RfR/uYjaUfv7pDPgZ7FphlWBtdhzgIZcR/Fd4aAgOAVBjMjDwBmCs4shTf5OBK9PTDTmHUw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=live.com; dmarc=pass action=none header.from=live.com; dkim=pass header.d=live.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=live.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zSUbP5TxpORysOWY/YTJzfnpVeaIhrs7kIqbzQVLeRg=; b=qXXUKRwhAcxdy24GHusOfdjxfDxRHyZryRA9qXLQ0OYU2a0QbiypPeiRO7VLKe3gWZ8QWCP6w2NUsujbcoAcHh1kz9peRBTzvEpi+ue+ePNOyzFN7W1x5WwZDmlXoTCKw4fijyxhYxKiPqGRH2zkQiQbCSy59HR241sBL+f0LAVXfLMghgPqwhE63c/Wv0BNw6pWRD+OraIVfn1fq6of7QpZL7NdPIN9e13UV17lSGDi/y5aic6FaCZCgWi3j1RuHENDFnxneMMBCdV18K/UwA4e4kxtxCNZpoMntf0uGxsLtrWuIzWwbKIMED5tSxjmwleCSC1CHMw6WSBxNxbh4w== Received: from VI1EUR05FT033.eop-eur05.prod.protection.outlook.com (2a01:111:e400:fc12::45) by VI1EUR05HT186.eop-eur05.prod.protection.outlook.com (2a01:111:e400:fc12::290) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.15; Mon, 27 Apr 2020 22:23:57 +0000 Received: from AM0PR03MB6051.eurprd03.prod.outlook.com (2a01:111:e400:fc12::44) by VI1EUR05FT033.mail.protection.outlook.com (2a01:111:e400:fc12::440) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.15 via Frontend Transport; Mon, 27 Apr 2020 22:23:57 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:697FF4331A012EEB2F857DCE79050DA2360CE14330098AACC0A323719470CD2F; UpperCasedChecksum:3CFC618543DE9076B0B7437CB12C046DC8E225C1D4EC4E1DE37F2AA6CE263C2C; SizeAsReceived:7699; Count:47 Received: from AM0PR03MB6051.eurprd03.prod.outlook.com ([fe80::90b4:a103:d06b:6e77]) by AM0PR03MB6051.eurprd03.prod.outlook.com ([fe80::90b4:a103:d06b:6e77%2]) with mapi id 15.20.2937.023; Mon, 27 Apr 2020 22:23:57 +0000 To: development@lists.ipfire.org From: Giovanni Aneloni Subject: [PATCH] unbound: make local zone transparent Message-ID: Date: Tue, 28 Apr 2020 00:23:57 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 Content-Language: it-IT X-ClientProxiedBy: MRXP264CA0016.FRAP264.PROD.OUTLOOK.COM (2603:10a6:500:15::28) To AM0PR03MB6051.eurprd03.prod.outlook.com (2603:10a6:208:158::19) X-Microsoft-Original-Message-ID: MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.5.11.2] (82.52.117.203) by MRXP264CA0016.FRAP264.PROD.OUTLOOK.COM (2603:10a6:500:15::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.13 via Frontend Transport; Mon, 27 Apr 2020 22:23:56 +0000 X-Microsoft-Original-Message-ID: X-TMN: [t8OyCg2Yo5/0a/PDL9Ro+65tEw7guJcq] X-MS-PublicTrafficType: Email X-IncomingHeaderCount: 47 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-Correlation-Id: e2f73d68-d163-4da5-1c98-08d7eaf9ad16 X-MS-TrafficTypeDiagnostic: VI1EUR05HT186: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: c6jo7SEFIq0r4O6iG0dgqRDN+7Mzbc4k2fZZdcy6nn+Km9rq6scoTRzTbuiouzKycIcyUVrBTuYfeYHOyoJ7Ch/OaJNRVhmZPTcUHPQ3lFSbZTGarLpXIXg0izjca10QdK8J3rQ6tffaynjT9UtTTia1r3vG5ps0dbGVg57tNKW679g7u6lLfZv8RF0YmJT4rdtixBeb8R5TItnwkZntuVK5afI6eaRShA6yrfEm68SLlXMKsSJXHSQv1+noHUAr X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:0; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR03MB6051.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:; DIR:OUT; SFP:1901; X-MS-Exchange-AntiSpam-MessageData: jh5IfaBx6TgrDFFyN+mPR+yBXMAutmqagjwrSMdO4sbkasl6PErk3iwE2WuuDNBL1W5b0ENYjiODxDhWtidclyfzRRMzjlO20Suh5PvRPwvrXqhqGepQBqjcvJE2ELEluJRd+IN1XLGk3EmHS3VDpg== X-OriginatorOrg: live.com X-MS-Exchange-CrossTenant-Network-Message-Id: e2f73d68-d163-4da5-1c98-08d7eaf9ad16 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2020 22:23:56.9767 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1EUR05HT186 ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=lists.ipfire.org; s=202003rsa; t=1588026244; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding:dkim-signature; bh=zSUbP5TxpORysOWY/YTJzfnpVeaIhrs7kIqbzQVLeRg=; b=EX+xhYfDQjQnCdnDO8cQKQ1PqNw3NeDU1IZ1x417IF71KIlKw5bKcIhIjxgwocdut6UFuD 3ylk34rC6mNxwFzT7C33ySPCSmQkG7H7K3pFBODycbLUSdKH5HXiPdJu8CVlyUqXVlwr1H D/UV+b4+Dud5N4X36iPsEX1BwooyF8ODV6vncyOCtriT0/wf1SQA431A54fU15QEfp1/Te cQns3OwgyAKMu5hPEHKj8A39Tck3CBdkivIl+LFYbq9NbfGCFFZkmSSbVQTFuKy8Kg9wbY 9oc2pzb449jkUTu/PcfZiHWl/D8i4rPfPuqtU5SFqNGC7frjX3R6cv7qvFqcYg== ARC-Seal: i=2; s=202003rsa; d=lists.ipfire.org; t=1588026244; a=rsa-sha256; cv=pass; b=waa20sQ/d/7P/3vg3mRCDeSK9Nal90Ad4SnuWn9PbyX9s5TEGMyv5Z65QtTMIMTVK79fat yWT39NNSoAqyMiau8YhIVK0LOJrG/9fM28JkndAouvjc/IO+Bk2oP1tqgfQZ8eZdSYg+HJ zvEUz0g/3OIz/gn2/8B7IQBDcw3YWPezcI1krmStJKjOblgsZNlFCXMiBMcWhPwhw4sRw1 KtuxfnjC5nOYZT+1uLJFU7bEgrmnsqAZl1LK2Y6bjvZteeyqxf7tpsvcqdzYrXEtnT1MNd Muk3HaNX1nuJfV6DipebLx/Sw0NvJXK5lJYG3ImbGznxiUmyEKEG5pMqok7B5Q== ARC-Authentication-Results: i=2; mail01.ipfire.org; dkim=pass header.d=live.com header.s=selector1 header.b=qXXUKRwh; arc=pass (microsoft.com:s=arcselector9901:i=1); dmarc=pass (policy=none) header.from=live.com; spf=pass (mail01.ipfire.org: domain of giovanni.aneloni@live.com designates 2a01:111:f400:7e1b::821 as permitted sender) smtp.mailfrom=giovanni.aneloni@live.com Authentication-Results: mail01.ipfire.org; dkim=pass header.d=live.com header.s=selector1 header.b=qXXUKRwh; dmarc=pass (policy=none) header.from=live.com; spf=pass (mail01.ipfire.org: domain of giovanni.aneloni@live.com designates 2a01:111:f400:7e1b::821 as permitted sender) smtp.mailfrom=giovanni.aneloni@live.com X-Rspamd-Queue-Id: 499zpD4lNCzdp X-Spamd-Result: default: False [-2.80 / 11.00]; RCVD_TLS_LAST(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; R_DKIM_ALLOW(-0.20)[live.com:s=selector1]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[live.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; ARC_SIGNED(0.00)[i=2]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; RCPT_COUNT_ONE(0.00)[1]; RECEIVED_SPAMHAUS_PBL(0.00)[82.52.117.203:received]; R_SPF_ALLOW(-0.20)[+ip6:2a01:111:f400::/48]; MX_GOOD(-0.01)[]; DKIM_TRACE(0.00)[live.com:+]; DMARC_POLICY_ALLOW(-0.50)[live.com,none]; NEURAL_HAM(-1.04)[-1.042]; IP_REPUTATION_SPAM(0.12)[asn: 8075(0.12), country: US(-0.00), ip: 2a01:111:f400:7e1b::821(0.00)]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[live.com]; ASN(0.00)[asn:8075, ipnet:2a01:111:f000::/36, country:US]; FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN(2.50)[]; BAYES_HAM(-2.37)[97.09%]; DWL_DNSWL_NONE(0.00)[live.com:dkim] X-Rspamd-Server: mail01.haj.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Fixes: https://bugzilla.ipfire.org/show_bug.cgi?id=12391 Change local zone to "trasnparent" instead of "typetrasnparent" to avoid NXDOMAIN when querying local hosts Signed-off-by: Giovanni Aneloni Reviewed-by: Peter Müller Acked-by: Michael Tremer diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index acbf6f5b5..825ac74ec 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -81,7 +81,7 @@ write_hosts_conf() { # Skip empty domainnames [ "${domainname}" = "" ] && continue - echo "local-zone: ${domainname} typetransparent" + echo "local-zone: ${domainname} transparent" done < /var/ipfire/main/hosts | sort -u # Add all hosts