2017-01-20 11:17:20 +01:00
|
|
|
---
|
|
|
|
|
categories: openbsd network
|
|
|
|
|
title: HowToOpenBSD/Unbound
|
|
|
|
|
---
|
2016-12-29 11:25:39 +01:00
|
|
|
|
2017-01-20 11:17:20 +01:00
|
|
|
Voici ce que doit contenir le fichier `/var/unbound/etc/unbound.conf`
|
2016-12-29 11:25:39 +01:00
|
|
|
|
|
|
|
|
~~~
|
|
|
|
|
server:
|
2017-01-20 11:17:20 +01:00
|
|
|
# interface sur laquelle le daemon écoute
|
|
|
|
|
interface: XX.XX.XX.XX
|
|
|
|
|
interface: 127.0.0.1
|
|
|
|
|
interface: ::1
|
2016-12-29 11:25:39 +01:00
|
|
|
|
2017-01-20 11:17:20 +01:00
|
|
|
access-control: 0.0.0.0/0 refuse
|
|
|
|
|
access-control: 127.0.0.0/8 allow
|
|
|
|
|
# important, on précise qui pourra interroger le service
|
|
|
|
|
access-control: XX.XX.XX.0/24 allow
|
|
|
|
|
access-control: ::0/0 refuse
|
|
|
|
|
access-control: ::1 allow
|
2016-12-29 11:25:39 +01:00
|
|
|
|
2017-01-20 11:17:20 +01:00
|
|
|
hide-identity: yes
|
|
|
|
|
hide-version: yes
|
2016-12-29 11:25:39 +01:00
|
|
|
|
2017-01-20 11:17:20 +01:00
|
|
|
auto-trust-anchor-file: "/var/unbound/db/root.key"
|
2016-12-29 11:25:39 +01:00
|
|
|
~~~
|
|
|
|
|
|
2017-01-20 11:17:20 +01:00
|
|
|
On active unbound dans `rc.conf.local` et on démarre le daemon !
|
2016-12-29 11:25:39 +01:00
|
|
|
|
|
|
|
|
~~~
|
2017-01-10 17:26:23 +01:00
|
|
|
# rcctl enable unbound
|
|
|
|
|
# rcctl start unbound
|
2016-12-29 11:25:39 +01:00
|
|
|
~~~
|
