added unbound sample config to firewall-test

2 files changed, 104 insertions, 0 deletions

diff --git a/config/firewall-test/unbound/etc/root.hints b/config/firewall-test/unbound/etc/root.hints
new file mode 100644
index 0000000..f752a83
--- /dev/null
+++ b/config/firewall-test/unbound/etc/root.hints
@@ -0,0 +1,39 @@
+.			3600000	IN	NS	a.root-servers.net.
+.			3600000	IN	NS	b.root-servers.net.
+.			3600000	IN	NS	c.root-servers.net.
+.			3600000	IN	NS	d.root-servers.net.
+.			3600000	IN	NS	e.root-servers.net.
+.			3600000	IN	NS	f.root-servers.net.
+.			3600000	IN	NS	g.root-servers.net.
+.			3600000	IN	NS	h.root-servers.net.
+.			3600000	IN	NS	i.root-servers.net.
+.			3600000	IN	NS	j.root-servers.net.
+.			3600000	IN	NS	k.root-servers.net.
+.			3600000	IN	NS	l.root-servers.net.
+.			3600000	IN	NS	m.root-servers.net.
+a.root-servers.net.	3600000	IN	A	198.41.0.4
+a.root-servers.net.	3600000	IN	AAAA	2001:503:ba3e:0:0:0:2:30
+b.root-servers.net.	3600000	IN	A	199.9.14.201
+b.root-servers.net.	3600000	IN	AAAA	2001:500:200:0:0:0:0:b
+c.root-servers.net.	3600000	IN	A	192.33.4.12
+c.root-servers.net.	3600000	IN	AAAA	2001:500:2:0:0:0:0:c
+d.root-servers.net.	3600000	IN	A	199.7.91.13
+d.root-servers.net.	3600000	IN	AAAA	2001:500:2d:0:0:0:0:d
+e.root-servers.net.	3600000	IN	A	192.203.230.10
+e.root-servers.net.	3600000	IN	AAAA	2001:500:a8:0:0:0:0:e
+f.root-servers.net.	3600000	IN	A	192.5.5.241
+f.root-servers.net.	3600000	IN	AAAA	2001:500:2f:0:0:0:0:f
+g.root-servers.net.	3600000	IN	A	192.112.36.4
+g.root-servers.net.	3600000	IN	AAAA	2001:500:12:0:0:0:0:d0d
+h.root-servers.net.	3600000	IN	A	198.97.190.53
+h.root-servers.net.	3600000	IN	AAAA	2001:500:1:0:0:0:0:53
+i.root-servers.net.	3600000	IN	A	192.36.148.17
+i.root-servers.net.	3600000	IN	AAAA	2001:7fe:0:0:0:0:0:53
+j.root-servers.net.	3600000	IN	A	192.58.128.30
+j.root-servers.net.	3600000	IN	AAAA	2001:503:c27:0:0:0:2:30
+k.root-servers.net.	3600000	IN	A	193.0.14.129
+k.root-servers.net.	3600000	IN	AAAA	2001:7fd:0:0:0:0:0:1
+l.root-servers.net.	3600000	IN	A	199.7.83.42
+l.root-servers.net.	3600000	IN	AAAA	2001:500:9f:0:0:0:0:42
+m.root-servers.net.	3600000	IN	A	202.12.27.33
+m.root-servers.net.	3600000	IN	AAAA	2001:dc3:0:0:0:0:0:35
diff --git a/config/firewall-test/unbound/etc/unbound.conf b/config/firewall-test/unbound/etc/unbound.conf
new file mode 100644
index 0000000..86bc776
--- /dev/null
+++ b/config/firewall-test/unbound/etc/unbound.conf
@@ -0,0 +1,65 @@
+# $OpenBSD: unbound.conf,v 1.5 2015/07/19 17:29:42 sthen Exp $
+	
+server:
+	interface: 127.0.0.1@53
+	interface: 192.168.0.1@53
+	do-ip4: yes
+	do-udp: yes
+	do-ip6: no
+
+	access-control: 192.168.0.0/24 allow
+	access-control: 192.168.10.0/24 allow
+	access-control: 192.168.20.0/24 allow
+	access-control: 192.168.30.0/24 allow
+	access-control: 127.0.0.0/8 allow
+	access-control: 0.0.0.0/0 refuse
+
+	hide-identity: yes
+	hide-version: yes
+	num-threads: 1
+
+	private-address: 192.168.0.0/24
+	private-address: 192.168.10.0/24
+	private-address: 192.168.20.0/24
+	private-address: 192.168.30.0/24
+	private-address: 127.0.0.0/8
+
+	private-domain: "eurospider.ch"
+
+	local-zone: "lan." nodefault
+	local-zone: "168.192.in-addr.arpa." nodefault
+
+ 	verbosity: 0
+
+	root-hints: "/etc/root.hints"
+
+	do-not-query-localhost: no
+
+remote-control:
+	control-enable: yes
+	control-interface: 127.0.0.1
+
+stub-zone:
+	name: "eurospider.ch."
+	stub-addr: 192.168.0.11
+
+stub-zone:
+	name: "0.168.192.in-addr.arpa."
+	stub-addr: 192.168.0.11
+
+stub-zone:
+	name: "10.168.192.in-addr.arpa."
+	stub-addr: 192.168.0.11
+
+stub-zone:
+	name: "20.168.192.in-addr.arpa."
+	stub-addr: 192.168.0.11
+
+stub-zone:
+	name: "30.168.192.in-addr.arpa."
+	stub-addr: 192.168.0.11
+
+forward-zone:
+	name: "."
+	forward-addr: 62.12.130.66
+	forward-addr: 193.246.253.10