Unbound configuration broken if hotspot interface has alias IPs

[cotosso]

Steps to reproduce

• Enable hotspot service on a physical interface
• Enable cloud content filter making it work on hotspot role

Expected behavior Unbound service (transparent dns proxy) starts flawlessy

Actual behavior

Unbound service cannot start

Components

NethServer release 7.9.2009 (final) nethserver-unbound-1.1.1-1.ns7.noarch

[cotosso]

The unbound configuration (/etc/unbound/conf.d/flashstart.conf) seems to have duplicated values which make the configuration invalid.

# Allow queries from hotspot
      interface: 192.168.182.1
      access-control: 192.168.182.0/24 allow

      # Allow queries from alias
      interface: 192.168.182.1
      access-control: 192.168.182.0/24 allow

[nethbot]

in 7.9.2009/nethesis-testing:

• nethserver-flashstart-2.7.2-1.2.g82dee15.ns7.noarch.rpm x86_64

[gsanchietti]

Test case Check the bug is not reproducible

[francio87]

Confirm, fixed:

[root@kvm ~]# rpm -q nethserver-flashstart
nethserver-flashstart-2.7.2-1.2.g82dee15.ns7.noarch

[root@kvm ~]# unbound-checkconf /etc/unbound/unbound.conf
unbound-checkconf: no errors in /etc/unbound/unbound.conf

/etc/unbound/conf.d/flashstart.conf

      # Allow queries from hotspot
      interface: 192.168.182.1
      access-control: 192.168.182.0/24 allow

      # Allow queries from alias
      interface: 10.123.123.254
      access-control: 10.123.123.0/24 allow

[root@kvm ~]# systemctl status unbound
● unbound.service - Unbound recursive Domain Name Server
   Loaded: loaded (/usr/lib/systemd/system/unbound.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/unbound.service.d
           └─dedalo.conf
   Active: active (running) since Tue 2022-03-08 11:46:54 CET; 40s ago
 Main PID: 16729 (unbound)
   CGroup: /system.slice/unbound.service
           └─16729 /usr/sbin/unbound -d

[nethbot]

in 7.9.2009/nethesis-updates:

• nethserver-flashstart-2.7.3-1.ns7.noarch.rpm x86_64