diff options
author | Warren Baker <warren@decoy.co.za> | 2014-03-29 14:52:33 +0200 |
---|---|---|
committer | Warren Baker <warren@decoy.co.za> | 2014-03-29 14:52:33 +0200 |
commit | 4e8e8cc80eaa38a205059540e22f841d561e2568 (patch) | |
tree | d66f5f7cf320fc710f6bdb2fff1cb0157fcc5688 /etc/inc/unbound.inc | |
parent | 58d00e65c9641d42db6544f4bb04d178e7886a7f (diff) | |
download | pfsense-4e8e8cc80eaa38a205059540e22f841d561e2568.zip pfsense-4e8e8cc80eaa38a205059540e22f841d561e2568.tar.gz |
Add localhost as always allowed and ensure to include the access lists
Diffstat (limited to 'etc/inc/unbound.inc')
-rw-r--r-- | etc/inc/unbound.inc | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/etc/inc/unbound.inc b/etc/inc/unbound.inc index f462e62..b36f120 100644 --- a/etc/inc/unbound.inc +++ b/etc/inc/unbound.inc @@ -270,6 +270,9 @@ prefetch-key: {$prefetch_key} {$private_addr} {$private_domains} +# Access lists +include: {$g['unbound_chroot_path']}/access_lists.conf + # Static host entries include: {$g['unbound_chroot_path']}/host_entries.conf @@ -607,7 +610,8 @@ EOF; function unbound_acls_config() { global $g, $config; - $aclcfg = ""; + $aclcfg = "access-control: 127.0.0.1/32 allow\n"; + $aclcfg .= "access-control: ::1 allow\n"; // Add our networks for active interfaces including localhost if (!empty($config['unbound']['active_interface'])) $active_interfaces = array_flip(explode(",", $config['unbound']['active_interface'])); |