Add option to show Unbound log

rarepupper · May 12, 2021, 9:31pm

As per the title, you can get lots of info about what's happening behind with the logs option.
pihole.log and pihole-FTL.log both show the queries, as well as other stuff in case one were to peek at them, but for those of us who use Unbound... welp, no dice.

Since Pihole and Unbound work very well together and there have been numerous posts about how to configure/use it, I suggest to add the Unbound log to the Tools setting.
That way we could all see in real time what's being forwarded/blocked/failed without having to tail -f the log every time something goes wrong. Sounds good?

And while we're speaking about logs in general... could it be possible to let users select the location in where to store the log? Sure, /var/log/ is always the defacto Linux standard, but say, if I want to have them on a USB thumb drive to save space on the Pi? That would be cool too.

Just a few things to keep in mind, if possible. Thanks dev team!

jfb · May 12, 2021, 9:40pm

I don't think this is an appropriate change. Including logs for software that not all users will use, and for software that is not written and maintained by the Pi-hole team, is outside the scope of Pi-hole in my opinion.

Even if the change were to be made, what is in the unbound log that isn't already in the dnsmasq log at /var/log/pihole.log and Pi-hole query log on the dashboard? Unbound doesn't block anything; it simply resolves DNS queries forwarded from Pi-hole.

https://docs.pi-hole.net/ftldns/configfile/

See the File options section.

wd9895 · May 13, 2021, 12:14pm

I like this idea.

rarepupper · May 14, 2021, 12:12am

It is true that your average user will be just content with the way Pi-hole works, but there are us who like to see the innards of it in action. And well, yes, Unbound is not maintained by you guys so you wouldn't have to do anything else BUT add an option to view the Unbound log from within the Pi-hole interface, that's all.
It could be as easy as just un-commenting a line:

## Out of documentation
#LOGFILE=/run/log/pihole-ftl/pihole-FTL.log
#PIDFILE=/run/pihole-ftl/pihole-FTL.pid
#PORTFILE=/run/pihole-ftl/pihole-FTL.port
#SOCKETFILE=/run/pihole-ftl/FTL.sock
#UNBOUNDLOG=/place/for/log

pihole-FTL.log (just shows messages of what the program is doing, boring stuff)

Resizing "FTL-dns-cache" from 32768 to (2304 * 16) == 36864 (/dev/shm: 1.6MB used, 2.0GB total, FTL uses 1.6MB)
[2021-05-13 16:34:32.889 1644M] Resizing "FTL-domains" from 24576 to (1792 * 16) == 28672 (/dev/shm: 1.6MB used, 2.0GB total, FTL uses 1.6MB)
[2021-05-13 16:35:37.952 1644M] Resizing "FTL-dns-cache" from 36864 to (2560 * 16) == 40960 (/dev/shm: 1.6MB used, 2.0GB total, FTL uses 1.6MB)
[2021-05-13 16:35:40.602 1644M] Resizing "FTL-strings" from 81920 to (122880 * 1) == 122880 (/dev/shm: 1.6MB used, 2.0GB total, FTL uses 1.6MB)
[2021-05-13 18:05:02.654 1644M] Resizing "FTL-dns-cache" from 40960 to (2816 * 16) == 45056 (/dev/shm: 1.6MB used, 2.0GB total, FTL uses 1.6MB)

pihole.log is more interesting (shows domains blocked per user lists but just forwards the queries to Unbound without knowing what happened next)

May 13 19:00:39 dnsmasq[1644]: reply www.apple.com is <CNAME>
May 13 19:00:39 dnsmasq[1644]: reply www.apple.com.edgekey.net is <CNAME>
May 13 19:00:39 dnsmasq[1644]: reply www.apple.com.edgekey.net.globalredir.akadns.net is <CNAME>

Unbound lets you see what traffic goes in and out, if it is encrypted (#853) as well as if the server was unresponsive even at that (useful for debugging, etc)

[1620950439] unbound[1615:0] info: query response was ANSWER
[1620950601] unbound[1615:0] info: 127.0.0.1 time-ios.apple.com. A IN
[1620950601] unbound[1615:0] info: resolving time-ios.apple.com. A IN
[1620950601] unbound[1615:0] info: response for time-ios.apple.com. A IN
[1620950601] unbound[1615:0] info: reply from <.> 1.1.1.3#853

So I digress with your opinion. It is very helpful and insightful to include such an option in Pi-hole for completeness sake. Again, please consider adding it to the program, it's a very easy thing to implement.

jfb · May 14, 2021, 12:30am

It tells you the reply from unbound, and that's what the Pi-hole clients see. All the under-the-hood detail of unbound (or any other upstream DNS server) is of no interest to Pi-hole or the requesting client.

May 13 19:18:15 dnsmasq[14819]: query[A] discourse.pi-hole.net from 192.168.0.132
May 13 19:18:15 dnsmasq[14819]: forwarded discourse.pi-hole.net to 127.0.0.1
May 13 19:18:15 dnsmasq[14819]: reply discourse.pi-hole.net is 159.203.95.226

I recommend that you modify your local code to show the unbound log in Pi-hole.

rarepupper · May 14, 2021, 12:54am

Fair enough.

system · November 10, 2021, 12:55am

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.