Validating, recursive, and caching DNS(SEC) resolver
c5810ec4d9
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-15-0
- Fix #596: unset the RA bit when a query is blocked by an unbound RPZ nxdomain reply.
The option rpz-signal-nxdomain-ra allows to signal that a domain is externally
blocked to clients when it is blocked with NXDOMAIN by unsetting RA.
- Add rpz: for-downstream: yesno option, where the RPZ zone is authoritatively answered
for, so the RPZ zone contents can be checked with DNS queries directed at the RPZ zone.
- Merge PR #616: Update ratelimit logic. It also introduces ratelimit-backoff and
ip-ratelimit-backoff configuration options.
- Change aggressive-nsec default to yes.
(cherry picked from commit
|
||
|---|---|---|
| .gitignore | ||
| block-example.com.conf | ||
| example.com.conf | ||
| example.com.key | ||
| gating.yaml | ||
| icannbundle.pem | ||
| root.anchor | ||
| root.key | ||
| sources | ||
| tmpfiles-unbound.conf | ||
| unbound_munin_ | ||
| unbound-1.8.0-rh1633874.patch | ||
| unbound-1.8.1-keygen-group-rights.patch | ||
| unbound-1.8.2-dns64.patch | ||
| unbound-aarch64.patch | ||
| unbound-anchor.service | ||
| unbound-anchor.timer | ||
| unbound-keygen.service | ||
| unbound-munin.README | ||
| unbound.conf | ||
| unbound.munin | ||
| unbound.service | ||
| unbound.spec | ||
| unbound.sysconfig | ||
| wouter.nlnetlabs.nl.key | ||