unbound.conf
server:
verbosity: 0
port: 53
interface: 127.0.0.1
interface: 10.44.40.200 (ip сетевой карты локальной сети)
outgoing-interface: ip сетевой карты инет
access-control: 0.0.0.0/0 refuse
access-control: 10.0.0.0/24 allow
access-control: 10.44.4.200/32 allow
access-control: 127.0.0.1 allow
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
username: unbound
logfile: "unbound.log"
use-syslog: no
pidfile: "/var/run/local_unbound.pid"
hide-version: yes
forward-zone: name: "."
forward-addr: 208.67.222.222
forward-addr: 208.67.220.220
remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "unbound_server.key"
server-cert-file: "unbound_server.pem"
control-key-file: "unbound_control.key"
sockstat -4 -l
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
unbound unbound 679 3 udp4 *:53 *:*
unbound unbound 679 4 tcp4 *:53 *:*
unbound unbound 679 5 tcp4 127.0.0.1:953 *:*
netstat -Lan
Current listen queue sizes (qlen/incqlen/maxqlen)
Proto Listen Local Address
tcp4 0/0/5 127.0.0.1.953
tcp4 0/0/5 *.53
Но не работает. Что я неправильно прописал?
drill @127.0.0.1 mail.ru
;; No packet received
unbound-control-setup
setup in directory /etc/unbound
unbound_server.key exists
unbound_control.key exists
create unbound_server.pem (self signed certificate)
create unbound_control.pem (signed client certificate)
Signature ok
subject=/CN=unbound-control
Getting CA Private Key
Setup success. Certificates created. Enable in unbound.conf file to use