From 1b4d5ad9af5d3603331f31aef5dca67833808694 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 12 Oct 2016 22:37:26 +0100
Subject: [PATCH] unbound: Move "listen on all" to main configuration file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/unbound/unbound.conf    | 6 ++++--
 src/initscripts/init.d/unbound | 3 ---
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf
index 6d8a7f29c3..5193dd9312 100644
--- a/config/unbound/unbound.conf
+++ b/config/unbound/unbound.conf
@@ -61,11 +61,13 @@ server:
 	harden-algo-downgrade: no
 	use-caps-for-id: no
 
+	# Listen on all interfaces
+	interface: 0.0.0.0
+
 	# Deny access from everywhere
 	access-control: 0.0.0.0/0 refuse
 
-	# Listen on localhost
-	interface: 127.0.0.1
+	# Allow access from localhost
 	access-control: 127.0.0.0/8 allow
 
 	# Bootstrap root servers
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index 136084458f..4c6b452225 100644
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -148,9 +148,6 @@ write_interfaces_conf() {
 	(
 		config_header
 
-		echo "# bound to all interfaces"
-		echo "interface: 0.0.0.0"
-
 		# 1.1.1.1 is reserved for unused green
 		if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then
 			echo "# allow access from GREEN"
-- 
2.39.5