Date: Sun, 7 Apr 2024 13:21:22 -0400
From: LuMiWa <lumiwa@dismail.de>
To: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: unbound
Message-ID: <20240407132122.4df71b31@dismail.de>

Hi!

I have unbound from ports on FreeBSD 14.0, which I use for DNS over TLS.
In /etc/resolv.conf I have

    nameserver 127.0.0.1
    options edns0

and in /usr/local/etc/unbound/unbound.conf I have

    server:
        port:53
        directory: /usr/local/etc/unbound
        username: unbound
        chroot: /usr/local/etc/unbound
        tls-cert-bundle: /etc/ssl/cert.pem
        module-config: "validator iterator"
        access-control: 127.0.0.1/8 allow
        ....
        ....
    forward-zone:
        name: "."
        forward-tls-upstream: yes
        forward-first: no
        forward-addr: 9.9.9.9@853#dns.quad9.net
        forward-addr: 149.112.112.112@853#dns.quad9.net

And it doesn't work, but Google, Cloudflare have no problem. Then I added

    auto-trust-anchor-file:

And it started to work, except claws-mail. I am using the IPFW firewall,
default workstation, and it blocks

    ipfw: 65500 Deny TCP 149.112.112.112:853 192.168.1.194:18760 in via lagg0
    ipfw: 65500 Deny TCP 9.9.9.9:853 192.168.1.194:15141 in via lagg0

What should be the reason, please?

Thank you.

-- 
"If you can't explain it to a six year old, you don't understand it
yourself." — Albert Einstein
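
Added example, not part of the original message and not code from the unbound or ipfw projects: a small Python check that correlates ipfw deny log lines with the forward-addr entries of unbound.conf, to confirm whether the denied packets come from the configured DNS-over-TLS upstreams. The function names are hypothetical, and the sample input is constructed from the lines quoted in the message.

```python
import re

# Constructed sample input: the forward-zone lines and the two ipfw log
# lines quoted in the message, embedded so the example runs offline.
UNBOUND_CONF = """\
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 9.9.9.9@853#dns.quad9.net
    forward-addr: 149.112.112.112@853#dns.quad9.net
"""
IPFW_LOG = """\
ipfw: 65500 Deny TCP 149.112.112.112:853 192.168.1.194:18760 in via lagg0
ipfw: 65500 Deny TCP 9.9.9.9:853 192.168.1.194:15141 in via lagg0
"""

# forward-addr: <ip>@<port>[#<tls-auth-name>]; entries without an explicit
# @port are skipped here (assumption made to keep the example small).
FWD_RE = re.compile(r"^\s*forward-addr:\s*([0-9A-Fa-f:.]+)@(\d+)(?:#(\S+))?\s*$")
# Log layout as it appears in the message:
# ipfw: <rule> <action> <proto> <src>:<sport> <dst>:<dport> <in|out> via <if>
LOG_RE = re.compile(
    r"ipfw: (\d+) (\w+) (\w+) (\S+):(\d+) (\S+):(\d+) (in|out) via (\S+)")


def parse_forwarders(conf):
    """Map (ip, port) -> TLS authentication name for each forward-addr."""
    fwd = {}
    for line in conf.splitlines():
        m = FWD_RE.match(line)
        if m:
            fwd[(m.group(1), int(m.group(2)))] = m.group(3)
    return fwd


def denied_upstream_traffic(conf, log):
    """Return denied inbound packets whose source is a configured forwarder."""
    fwd = parse_forwarders(conf)
    hits = []
    for line in log.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        rule, action, _proto, src, sport, dst, dport, direction, iface = m.groups()
        key = (src, int(sport))
        if action == "Deny" and direction == "in" and key in fwd:
            hits.append({"rule": int(rule), "upstream": src, "port": int(sport),
                         "auth_name": fwd[key], "local": f"{dst}:{dport}",
                         "iface": iface})
    return hits
```

Calling denied_upstream_traffic(UNBOUND_CONF, IPFW_LOG) returns one record per denied packet, with the matching rule number and upstream.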