Just for clarification of the origin of these addresses: RFC 1918 mentions only those we already include:
3. Private Address Space
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
That would enable private addresses for 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16 fd00::/8 and fe80::/10, since the RFC standards say these addresses should not be visible on the public internet.
But, how much logging is unbound actually doing to the syslog? In my syslog, there are only start/stop entries for unbound at reboots, which don't happen very often. Yesterday no unbound entries at all.
[1535549105] unbound[939:0] info: service stopped (unbound 1.4.22).
[1535549106] unbound[939:0] info: start of service (unbound 1.4.22).
[1535549107] unbound[939:0] info: service stopped (unbound 1.4.22).
[1535549107] unbound[939:0] info: start of service (unbound 1.4.22).
[1535646414] unbound[939:0] info: service stopped (unbound 1.4.22).
[1535646425] unbound[1179:0] info: start of service (unbound 1.4.22).
Note: I have verbosity: 0 in my /etc/unbound/unbound.conf.d/recursive.conf which may affect this.
logfile: <filename>
If "" is given, logging goes to stderr, or nowhere once daemo-
nized. The logfile is appended to, in the following format:
[seconds since 1970] unbound[pid:tid]: type: message.
If this option is given, the use-syslog is option is set to
"no". The logfile is reopened (for append) when the config file
is reread, on SIGHUP.
So I propose to add the following (at the corresponding places):