Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

always_null and others inside view #474

Closed
ethey opened this issue Apr 27, 2021 · 1 comment
Closed

always_null and others inside view #474

ethey opened this issue Apr 27, 2021 · 1 comment

Comments

@ethey
Copy link

ethey commented Apr 27, 2021

This is regarding issue the feature request #397 and the implementation of the always_null zone.

The always_null zone does not seem to work inside a view:

server:
  access-control-view: 127.0.0.0/8 "local"

view:
  name: "local"
  local-zone: "example.com" always_null

gives the error error: local-zone type: expected static, deny, refuse, redirect, transparent, typetransparent, inform, inform_deny, always_transparent, always_refuse, always_nxdomain, noview or nodefault, while there is no problem if the local zone is in the server section.

The documentation indicates that the local-zone inside a view should Ha[ve] the same types and behaviour as the global local-zone elements, however it is not implemented in configparser.y. always_nodata and always_deny also seem to be missing.

I have tested version 1.13.1 on Debian and Arch.

@wcawijngaards
Copy link
Member

Thanks for the report. The checks for the input was missing on these types, fixed the checks and the always_null, always_nodata and always_deny local zone types work in a view local-zone.

jedisct1 added a commit to jedisct1/unbound that referenced this issue May 9, 2021
* nlnet/master:
  - Remove case fallthrough from deprecate-rsa-1024 code.
  - Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024.
  - Fix NLnetLabs#485: Unbound occasionally reports broken stats.
  - Rerun flex and bison.
  - Fix to squelch tcp socket bind failures when the interface is gone.
  - Add more logging for out-of-memory cases.
  - Fix for NLnetLabs#367: only attempt to get the interface for queries   that are no longer on the tcp_waiting_list.
  Clearer template text since not everyone can reopen GitHub issues.
  Changelog note for NLnetLabs#478 - Merge NLnetLabs#478: Allow configuration of TCP timeout while waiting for   response.
  Changelog note and improved comment. - Fix NLnetLabs#481: Fix comment in configuration file.
  doc/example.conf.in: Clarify comment for `auto-trust-anchor-file`
  - Add that log-servfail prints an IP address and more information   about one of the last failures for that query.
  Allow configuration of TCP timeout while waiting for response
  Create issue templates
  - Fix compiler warning for signed/unsigned comparison for   max_reuse_tcp_queries.
  - Fix NLnetLabs#474: always_null and others inside view.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants