From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: Re: [RFC PATCH 1/8] unbound: Add switch to enable Google Safe Search Date: Wed, 01 May 2019 15:11:22 +0200 Message-ID: In-Reply-To: <20190430161645.24261-2-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4367236582961024328==" List-Id: --===============4367236582961024328== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, Hm. Did I miss something? Testing the Safesearch-Feature gives me: "Hmm. We=E2=80=99re having trouble finding that site. We can=E2=80=99t connect to the server at www.google.de." =3D> I can't connect to ANY of the now "safe searching" search engines. Only https://yandex.ru/ works... Best, Matthias On 30.04.2019 18:16, Michael Tremer wrote: > Signed-off-by: Michael Tremer > --- > src/initscripts/system/unbound | 215 +++++++++++++++++++++++++++++++++++++= ++++ > 1 file changed, 215 insertions(+) >=20 > diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound > index fbb096e0d..4ac8331dc 100644 > --- a/src/initscripts/system/unbound > +++ b/src/initscripts/system/unbound > @@ -14,6 +14,7 @@ TEST_DOMAIN_FAIL=3D"dnssec-failed.org" > =20 > INSECURE_ZONES=3D > USE_FORWARDERS=3D1 > +ENABLE_SAFE_SEARCH=3Doff > =20 > # Cache any local zones for 60 seconds > LOCAL_TTL=3D60 > @@ -21,6 +22,202 @@ LOCAL_TTL=3D60 > # EDNS buffer size > EDNS_DEFAULT_BUFFER_SIZE=3D4096 > =20 > +GOOGLE_TLDS=3D( > + google.ad > + google.ae > + google.al > + google.am > + google.as > + google.at > + google.az > + google.ba > + google.be > + google.bf > + google.bg > + google.bi > + google.bj > + google.bs > + google.bt > + google.by > + google.ca > + google.cat > + google.cd > + google.cf > + google.cg > + google.ch > + google.ci > + google.cl > + google.cm > + google.cn > + google.co.ao > + google.co.bw > + google.co.ck > + google.co.cr > + google.co.id > + google.co.il > + google.co.in > + google.co.jp > + google.co.ke > + google.co.kr > + google.co.ls > + google.com > + google.co.ma > + google.com.af > + google.com.ag > + google.com.ai > + google.com.ar > + google.com.au > + google.com.bd > + google.com.bh > + google.com.bn > + google.com.bo > + google.com.br > + google.com.bz > + google.com.co > + google.com.cu > + google.com.cy > + google.com.do > + google.com.ec > + google.com.eg > + google.com.et > + google.com.fj > + google.com.gh > + google.com.gi > + google.com.gt > + google.com.hk > + google.com.jm > + google.com.kh > + google.com.kw > + google.com.lb > + google.com.ly > + google.com.mm > + google.com.mt > + google.com.mx > + google.com.my > + google.com.na > + google.com.nf > + google.com.ng > + google.com.ni > + google.com.np > + google.com.om > + google.com.pa > + google.com.pe > + google.com.pg > + google.com.ph > + google.com.pk > + google.com.pr > + google.com.py > + google.com.qa > + google.com.sa > + google.com.sb > + google.com.sg > + google.com.sl > + google.com.sv > + google.com.tj > + google.com.tr > + google.com.tw > + google.com.ua > + google.com.uy > + google.com.vc > + google.com.vn > + google.co.mz > + google.co.nz > + google.co.th > + google.co.tz > + google.co.ug > + google.co.uk > + google.co.uz > + google.co.ve > + google.co.vi > + google.co.za > + google.co.zm > + google.co.zw > + google.cv > + google.cz > + google.de > + google.dj > + google.dk > + google.dm > + google.dz > + google.ee > + google.es > + google.fi > + google.fm > + google.fr > + google.ga > + google.ge > + google.gg > + google.gl > + google.gm > + google.gp > + google.gr > + google.gy > + google.hn > + google.hr > + google.ht > + google.hu > + google.ie > + google.im > + google.iq > + google.is > + google.it > + google.je > + google.jo > + google.kg > + google.ki > + google.kz > + google.la > + google.li > + google.lk > + google.lt > + google.lu > + google.lv > + google.md > + google.me > + google.mg > + google.mk > + google.ml > + google.mn > + google.ms > + google.mu > + google.mv > + google.mw > + google.ne > + google.nl > + google.no > + google.nr > + google.nu > + google.pl > + google.pn > + google.ps > + google.pt > + google.ro > + google.rs > + google.ru > + google.rw > + google.sc > + google.se > + google.sh > + google.si > + google.sk > + google.sm > + google.sn > + google.so > + google.sr > + google.st > + google.td > + google.tg > + google.tk > + google.tl > + google.tm > + google.tn > + google.to > + google.tt > + google.vg > + google.vu > + google.ws > +) > + > # Load optional configuration > [ -e "/etc/sysconfig/unbound" ] && . /etc/sysconfig/unbound > =20 > @@ -481,6 +678,21 @@ fix_time_if_dns_fail() { > fi > } > =20 > +# Sets up Safe Search for various search engines > +setup_safe_search() { > + # Nothing to do if safe search is not enabled > + if [ "${ENABLE_SAFE_SEARCH}" !=3D "on" ]; then > + return 0 > + fi > + > + local domain > + > + # Google > + for domain in ${GOOGLE_TLDS[@]}; do > + unbound-control local_data "${domain} CNAME forcesafesearch.google.com." > + done > +} > + > case "$1" in > start) > # Print a nicer messagen when unbound is already running > @@ -501,6 +713,9 @@ case "$1" in > # Make own hostname resolveable > own_hostname > =20 > + # Setup Safe Search > + setup_safe_search > + > # Update any known forwarding name servers > update_forwarders > =20 >=20 --===============4367236582961024328==--