Control: tags -1 + moreinfo Hi,
El 27/02/23 a las 12:19, Andrew escribió:
> Package: knot-resolver
> Version: 5.3.1-1+deb11u1
> Severity: normal
> X-Debbugs-Cc: and...@lists.savchenko.net
>
> Dear Maintainer,
>
> HTTP module in knot-resolver can't be enabled by adding `http` directive
> in its config file.
>
> I have tried the separate `modules.load('http')` statement via
> config and control socket / `kresc`, but to no avail.
>
> `kresd.conf` attached below. While `kresc` reports that the module is
> loaded, no new port is opened and stats can't be fetched via `curl`.
>
> `stats.list()` works as expected, this confirms that there is a valid
> data to expose via http.
>
[...]
> -- Configuration Files:
> /etc/default/kresd [Errno 13] Permission denied: '/etc/default/kresd'
> /etc/knot-resolver/kresd.conf changed:
> -- Listen locally, ipv4-only
> net = { '127.0.0.1' }
> net.ipv6 = false
>
> -- Enable optional modules
> modules = {
> 'policy', -- NXDOMAIN "bad" queries
> 'hints', -- read /etc/hosts and whatever is defined below
> 'stats', -- internal statistics
> 'serve_stale < cache', -- serve stale record if parent NS is unreachable
> 'rebinding < iterate', -- prevent rebinding attack, TODO: Remove?..
> 'prefill',
> 'predict',
> 'view',
> http = {
> host = '127.0.0.1',
> port = 8053
> }
I am unaware of this kind of configuration is possible. Documentation[1]
rather states addresses and ports should be configured by net.listen().
E.g.:
net.listen('127.0.0.1', 8453, { kind = 'webmgmt' }) -- see http module
net.listen('::1', 8453, { kind = 'webmgmt' }) -- see http module
The above works for me in 5.3.1 and 5.6.0.
[1]
https://knot-resolver.readthedocs.io/en/v5.3.1/daemon-bindings-net_server.html
Could you please give it a try?
Cheers,
-- Santiago
signature.asc
Description: PGP signature
