1 (05.12.2014 14:20:02 отредактировано Plintus)

Тема: Unbound

unbound.conf

server:
verbosity: 0
port: 53
interface: 127.0.0.1
interface: 10.44.40.200 (ip сетевой карты локальной сети)
outgoing-interface:  ip сетевой карты инет
access-control: 0.0.0.0/0 refuse
access-control: 10.0.0.0/24 allow
access-control: 10.44.4.200/32 allow
access-control: 127.0.0.1 allow
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
username: unbound
logfile: "unbound.log"
use-syslog: no
pidfile: "/var/run/local_unbound.pid"
hide-version: yes
forward-zone: name: "."
forward-addr: 208.67.222.222
forward-addr: 208.67.220.220


remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "unbound_server.key"
server-cert-file: "unbound_server.pem"
control-key-file: "unbound_control.key"




sockstat -4 -l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      

unbound  unbound    679   3  udp4   *:53                  *:*
unbound  unbound    679   4  tcp4   *:53                  *:*
unbound  unbound    679   5  tcp4   127.0.0.1:953         *:*
netstat -Lan 
Current listen queue sizes (qlen/incqlen/maxqlen)
Proto Listen         Local Address         
      
tcp4  0/0/5          127.0.0.1.953          
tcp4  0/0/5          *.53       

     
Но не работает. Что я неправильно прописал?

drill @127.0.0.1 mail.ru
;; No packet received

unbound-control-setup
setup in directory /etc/unbound
unbound_server.key exists
unbound_control.key exists
create unbound_server.pem (self signed certificate)
create unbound_control.pem (signed client certificate)
Signature ok
subject=/CN=unbound-control
Getting CA Private Key
Setup success. Certificates created. Enable in unbound.conf file to use