From 50bbc50263bd5cea700023092a1aa54cbfb1b1fe Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Wed, 29 May 2024 19:56:14 +0200
Subject: [PATCH] Set unbound to only listen on loopback

---
 openmptcprouter/files/etc/uci-defaults/1940-omr-dns | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/openmptcprouter/files/etc/uci-defaults/1940-omr-dns b/openmptcprouter/files/etc/uci-defaults/1940-omr-dns
index 6bf0e79e73..7a4147e048 100755
--- a/openmptcprouter/files/etc/uci-defaults/1940-omr-dns
+++ b/openmptcprouter/files/etc/uci-defaults/1940-omr-dns
@@ -29,6 +29,14 @@ if [ -z "$(uci -q get unbound.ub_main)" ]; then
 		rename unbound.@unbound[-1]=ub_main
 		commit unbound
 	EOF
+fi
+# Make unbound listen on loopback only
+if [ -z "$(uci -q get unbound.ub_main.interface)" ]; then
+	uci -q batch <<-EOF >/dev/null
+		set unbound.ub_main.interface_auto='0'
+		set unbound.ub_main.interface='loopback'
+		commit unbound
+	EOF
 
 fi
 if [ "$(uci -q show dhcp | grep 'use-application-dns.net')" = "" ]; then