Feature #7549
closed
Enable Python support in Unbound
100%
Description
Unbound has optional Python support, which is not currently enabled. Enabling this option will allow packages such as pfBlocker to leverage Python scripts to take actions based on events in Unbound.
Python is already included in base, so there should not be any additional dependencies.
Updated by Jim Pingle over 7 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset ae764da6ef91f0e9f440d423dfbdb72f44b33276.
Updated by Jim Pingle over 7 years ago
Python is there but still has some other issues that need worked out related to running unbound in a chroot.
Also it may need to have devel/swig30 added as a dependency.
Waiting on some feedback from bbcan117
Updated by Jim Pingle over 7 years ago
- Status changed from Feedback to Resolved
Anything we need to do on the OS side is done already, the rest is up to the actual scripts to setup mounts/libraries right in the chroot for what it needs before it runs.
Updated by Doug Twitchell over 7 years ago
To use python with unbound the module also needs to be enabled in the configuration file with:
module-config: "python iterator"
or with DNSSEC:
module-config: "validator python iterator"
I've created a patch that does this, but if python is listed as a module, there must also be a python: section with a python-script: directive or unbound-checkconf will fail. A good solution might be a GUI option to enter a python script, which would trigger the module-config change and put the script in the right place and mount the python libraries in the chroot. There are other issues as well, but this is the only one that requires code changes. See here: https://forum.pfsense.org/index.php?topic=134352.0
Here's the patch: https://github.com/twitched/pfsense/commit/1ff1605e8d2e2c9f87aac489fd7af7a407b3440c