From c80fe40669bc86700c4952d0622f2b6e9133b350 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9?= <andre.peters@servercow.de>
Date: Fri, 12 Oct 2018 11:35:45 +0200
Subject: [PATCH] [Unbound] Do not allow from all (dangerous for setups with
 incorrect netfilter setups)

---
 data/conf/unbound/unbound.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/conf/unbound/unbound.conf b/data/conf/unbound/unbound.conf
index 9d8229ca..af725f0f 100644
--- a/data/conf/unbound/unbound.conf
+++ b/data/conf/unbound/unbound.conf
@@ -8,13 +8,13 @@ server:
   do-udp: yes
   do-tcp: yes
   do-daemonize: no
-  access-control: 0.0.0.0/0 allow
+  #access-control: 0.0.0.0/0 allow
   access-control: 10.0.0.0/8 allow
   access-control: 172.16.0.0/12 allow
   access-control: 192.168.0.0/16 allow
   access-control: fc00::/7 allow
   access-control: fe80::/10 allow
-  access-control: ::0/0 allow
+  #access-control: ::0/0 allow
   directory: "/etc/unbound"
   username: unbound
   auto-trust-anchor-file: trusted-key.key