From e330bb46f24e98c4fd81dfa36d754bf7a19b0873 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Thu, 9 Apr 2020 14:22:54 +0200
Subject: [PATCH] Unbound: integrate endpoints, but leave model in place to
 avoid migration issues and force de-install of the plugin.

---
 .../Api/DnsblController.php                   |   3 +-
 .../Api/MiscellaneousController.php           |   3 +-
 .../Api/ServiceController.php                 |  21 +-
 .../DnsblController.php                       |   8 +-
 .../MiscellaneousController.php               |   8 +-
 .../{Unboundplus => Unbound}/forms/dnsbl.xml  |   0
 .../forms/miscellaneous.xml                   |   0
 .../app/models/OPNsense/Unbound/ACL/ACL.xml   |   7 +
 .../app/models/OPNsense/Unbound/Menu/Menu.xml |   2 +
 .../models/OPNsense/Unboundplus/ACL/ACL.xml   |   9 -
 .../models/OPNsense/Unboundplus/Menu/Menu.xml |   8 -
 .../{Unboundplus => Unbound}/dnsbl.volt       |  47 +++--
 .../miscellaneous.volt                        |  48 +++--
 .../scripts/OPNsense/Unboundplus/dnsbl.py     | 197 ------------------
 .../conf/actions.d/actions_unbound.conf       |   7 +
 .../conf/actions.d/actions_unboundplus.conf   |   6 +-
 .../templates/OPNsense/Unbound/core/+TARGETS  |   5 +
 .../{Unboundplus => Unbound/core}/dnsbl.inc   |   0
 .../{Unboundplus => Unbound/core}/dot.conf    |   0
 .../{Unboundplus => Unbound/core}/lists.inc   |   0
 .../core}/miscellaneous.conf                  |   0
 .../core}/whitelist.inc                       |   0
 .../templates/OPNsense/Unboundplus/+TARGETS   |   5 -
 23 files changed, 98 insertions(+), 286 deletions(-)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/Api/DnsblController.php (95%)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/Api/MiscellaneousController.php (96%)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/Api/ServiceController.php (76%)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/DnsblController.php (89%)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/MiscellaneousController.php (89%)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/forms/dnsbl.xml (100%)
 rename src/opnsense/mvc/app/controllers/OPNsense/{Unboundplus => Unbound}/forms/miscellaneous.xml (100%)
 delete mode 100644 src/opnsense/mvc/app/models/OPNsense/Unboundplus/ACL/ACL.xml
 delete mode 100644 src/opnsense/mvc/app/models/OPNsense/Unboundplus/Menu/Menu.xml
 rename src/opnsense/mvc/app/views/OPNsense/{Unboundplus => Unbound}/dnsbl.volt (63%)
 rename src/opnsense/mvc/app/views/OPNsense/{Unboundplus => Unbound}/miscellaneous.volt (61%)
 delete mode 100755 src/opnsense/scripts/OPNsense/Unboundplus/dnsbl.py
 rename src/opnsense/service/templates/OPNsense/{Unboundplus => Unbound/core}/dnsbl.inc (100%)
 rename src/opnsense/service/templates/OPNsense/{Unboundplus => Unbound/core}/dot.conf (100%)
 rename src/opnsense/service/templates/OPNsense/{Unboundplus => Unbound/core}/lists.inc (100%)
 rename src/opnsense/service/templates/OPNsense/{Unboundplus => Unbound/core}/miscellaneous.conf (100%)
 rename src/opnsense/service/templates/OPNsense/{Unboundplus => Unbound/core}/whitelist.inc (100%)
 delete mode 100644 src/opnsense/service/templates/OPNsense/Unboundplus/+TARGETS

diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/DnsblController.php b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/DnsblController.php
similarity index 95%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/DnsblController.php
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/DnsblController.php
index e729939f6..ee7d88e5e 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/DnsblController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/DnsblController.php
@@ -2,6 +2,7 @@
 
 /*
  * Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ * Copyright (C) 2020 Deciso B.V.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,7 +27,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
-namespace OPNsense\Unboundplus\Api;
+namespace OPNsense\Unbound\Api;
 
 use OPNsense\Base\ApiMutableModelControllerBase;
 
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/MiscellaneousController.php b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/MiscellaneousController.php
similarity index 96%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/MiscellaneousController.php
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/MiscellaneousController.php
index 5e9878820..f5571e7a8 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/MiscellaneousController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/MiscellaneousController.php
@@ -2,6 +2,7 @@
 
 /*
  * Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ * Copyright (C) 2020 Deciso B.V.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,7 +27,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
-namespace OPNsense\Unboundplus\Api;
+namespace OPNsense\Unbound\Api;
 
 use OPNsense\Base\ApiMutableModelControllerBase;
 
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/ServiceController.php b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/ServiceController.php
similarity index 76%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/ServiceController.php
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/ServiceController.php
index 66fa74857..3dd3b4203 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/Api/ServiceController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/ServiceController.php
@@ -2,6 +2,7 @@
 
 /*
  * Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ * Copyright (C) 2020 Deciso B.V.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,7 +27,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
-namespace OPNsense\Unboundplus\Api;
+namespace OPNsense\Unbound\Api;
 
 use OPNsense\Base\ApiMutableServiceControllerBase;
 use OPNsense\Core\Backend;
@@ -36,7 +37,7 @@ use OPNsense\Unboundplus\Miscellaneous;
 class ServiceController extends ApiMutableServiceControllerBase
 {
     protected static $internalServiceClass = '\OPNsense\Unboundplus\Dnsbl';
-    protected static $internalServiceTemplate = 'OPNsense/Unboundplus';
+    protected static $internalServiceTemplate = 'OPNsense/Unbound';
     protected static $internalServiceEnabled = 'enabled';
     protected static $internalServiceName = 'unboundplus';
 
@@ -45,18 +46,8 @@ class ServiceController extends ApiMutableServiceControllerBase
         $this->sessionClose();
         $mdl = new Dnsbl();
         $backend = new Backend();
-        $backend->configdRun('template reload OPNsense/Unboundplus');
-        $response = $backend->configdpRun('unboundplus dnsbl', array((string)$mdl->type));
-        return array("response" => $response);
-    }
-
-    public function reloadunboundAction()
-    {
-        $this->sessionClose();
-        $mdl = new Miscellaneous();
-        $backend = new Backend();
-        $backend->configdRun('template reload OPNsense/Unboundplus');
-        $response = $backend->configdpRun('unbound reload', array((string)$mdl->type));
-        return array("response" => $response);
+        $backend->configdRun('template reload OPNsense/Unbound');
+        $response = $backend->configdpRun('unbound dnsbl', array((string)$mdl->type));
+        return array("status" => $response);
     }
 }
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/DnsblController.php b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/DnsblController.php
similarity index 89%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/DnsblController.php
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/DnsblController.php
index 882e2aae9..01d7bfa51 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/DnsblController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/DnsblController.php
@@ -26,13 +26,15 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
-namespace OPNsense\Unboundplus;
+namespace OPNsense\Unbound;
 
-class DnsblController extends \OPNsense\Base\IndexController
+use OPNsense\Base\IndexController;
+
+class DnsblController extends IndexController
 {
     public function indexAction()
     {
         $this->view->dnsblForm = $this->getForm('dnsbl');
-        $this->view->pick('OPNsense/Unboundplus/dnsbl');
+        $this->view->pick('OPNsense/Unbound/dnsbl');
     }
 }
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/MiscellaneousController.php b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/MiscellaneousController.php
similarity index 89%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/MiscellaneousController.php
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/MiscellaneousController.php
index 25bdb9e63..b47c0ce54 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/MiscellaneousController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/MiscellaneousController.php
@@ -26,13 +26,15 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
-namespace OPNsense\Unboundplus;
+namespace OPNsense\Unbound;
 
-class MiscellaneousController extends \OPNsense\Base\IndexController
+use OPNsense\Base\IndexController;
+
+class MiscellaneousController extends IndexController
 {
     public function indexAction()
     {
         $this->view->miscellaneousForm = $this->getForm('miscellaneous');
-        $this->view->pick('OPNsense/Unboundplus/miscellaneous');
+        $this->view->pick('OPNsense/Unbound/miscellaneous');
     }
 }
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/forms/dnsbl.xml b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dnsbl.xml
similarity index 100%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/forms/dnsbl.xml
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dnsbl.xml
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/forms/miscellaneous.xml b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/miscellaneous.xml
similarity index 100%
rename from src/opnsense/mvc/app/controllers/OPNsense/Unboundplus/forms/miscellaneous.xml
rename to src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/miscellaneous.xml
diff --git a/src/opnsense/mvc/app/models/OPNsense/Unbound/ACL/ACL.xml b/src/opnsense/mvc/app/models/OPNsense/Unbound/ACL/ACL.xml
index 26f2bef31..6b8ddc3d2 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Unbound/ACL/ACL.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Unbound/ACL/ACL.xml
@@ -38,4 +38,11 @@
             <pattern>api/diagnostics/log/core/resolver/*</pattern>
         </patterns>
     </page-diagnostics-logs-resolver>
+    <page-services-unbound>
+        <name>Services: Unbound (mvc)</name>
+        <patterns>
+            <pattern>ui/unbound/*</pattern>
+            <pattern>api/unbound/*</pattern>
+        </patterns>
+    </page-services-unbound>
 </acl>
diff --git a/src/opnsense/mvc/app/models/OPNsense/Unbound/Menu/Menu.xml b/src/opnsense/mvc/app/models/OPNsense/Unbound/Menu/Menu.xml
index b6b260869..8524fa7ef 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Unbound/Menu/Menu.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Unbound/Menu/Menu.xml
@@ -12,6 +12,8 @@
             </ACL>
             <Statistics order="50" url="/ui/unbound/stats"/>
             <LogFile VisibleName="Log File" order="100" url="/ui/diagnostics/log/core/resolver"/>
+            <Blacklist order="50" url="/ui/unbound/dnsbl/index"/>
+            <Miscellaneous order="60" url="/ui/unbound/miscellaneous/index"/>
         </Unbound>
     </Services>
 </menu>
diff --git a/src/opnsense/mvc/app/models/OPNsense/Unboundplus/ACL/ACL.xml b/src/opnsense/mvc/app/models/OPNsense/Unboundplus/ACL/ACL.xml
deleted file mode 100644
index 181f635fd..000000000
--- a/src/opnsense/mvc/app/models/OPNsense/Unboundplus/ACL/ACL.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<acl>
-   <page-services-unbound>
-      <name>Services: Unbound DNSBL</name>
-      <patterns>
-         <pattern>ui/unboundplus/*</pattern>
-         <pattern>api/unboundplus/*</pattern>
-      </patterns>
-   </page-services-unbound>
-</acl>
diff --git a/src/opnsense/mvc/app/models/OPNsense/Unboundplus/Menu/Menu.xml b/src/opnsense/mvc/app/models/OPNsense/Unboundplus/Menu/Menu.xml
deleted file mode 100644
index 32261d1a2..000000000
--- a/src/opnsense/mvc/app/models/OPNsense/Unboundplus/Menu/Menu.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-<menu>
-  <Services>
-    <Unbound>
-      <Blacklist order="50" url="/ui/unboundplus/dnsbl/index"/>
-      <Miscellaneous order="60" url="/ui/unboundplus/miscellaneous/index"/>
-    </Unbound>
-  </Services>
-</menu>
diff --git a/src/opnsense/mvc/app/views/OPNsense/Unboundplus/dnsbl.volt b/src/opnsense/mvc/app/views/OPNsense/Unbound/dnsbl.volt
similarity index 63%
rename from src/opnsense/mvc/app/views/OPNsense/Unboundplus/dnsbl.volt
rename to src/opnsense/mvc/app/views/OPNsense/Unbound/dnsbl.volt
index eb53cf0e6..6e623ae14 100644
--- a/src/opnsense/mvc/app/views/OPNsense/Unboundplus/dnsbl.volt
+++ b/src/opnsense/mvc/app/views/OPNsense/Unbound/dnsbl.volt
@@ -25,30 +25,35 @@
  # POSSIBILITY OF SUCH DAMAGE.
  #}
 
+<script>
+   $(document).ready(function() {
+       var data_get_map = {'frm_dnsbl_settings':"/api/unbound/dnsbl/get"};
+       mapDataToFormUI(data_get_map).done(function(data){
+           formatTokenizersUI();
+           $('.selectpicker').selectpicker('refresh');
+       });
+
+       $("#saveAct").SimpleActionButton({
+          onPreAction: function() {
+              const dfObj = new $.Deferred();
+              saveFormToEndpoint("/api/unbound/dnsbl/set", 'frm_dnsbl_settings', function(){
+                  dfObj.resolve();
+              });
+              return dfObj;
+          }
+      });
+   });
+</script>
+
 <div class="content-box" style="padding-bottom: 1.5em;">
     {{ partial("layout_partials/base_form",['fields':dnsblForm,'id':'frm_dnsbl_settings'])}}
     <div class="col-md-12">
         <hr />
-        <button class="btn btn-primary" id="saveAct" type="button"><b>{{ lang._('Save') }}</b> <i id="saveAct_progress"></i></button>
+        <button class="btn btn-primary" id="saveAct"
+                data-endpoint='/api/unbound/service/dnsbl'
+                data-label="{{ lang._('Save') }}"
+                data-error-title="{{ lang._('Error reloading unbound') }}"
+                type="button">
+        </button>
     </div>
 </div>
-
-<script>
-    $(function() {
-        var data_get_map = {'frm_dnsbl_settings':"/api/unboundplus/dnsbl/get"};
-        mapDataToFormUI(data_get_map).done(function(data){
-            formatTokenizersUI();
-            $('.selectpicker').selectpicker('refresh');
-        });
-
-        // link save button to API set action
-        $("#saveAct").click(function(){
-            saveFormToEndpoint(url="/api/unboundplus/dnsbl/set", formid='frm_dnsbl_settings',callback_ok=function(){
-                $("#saveAct_progress").addClass("fa fa-spinner fa-pulse");
-                ajaxCall(url="/api/unboundplus/service/dnsbl", sendData={}, callback=function(data,status) {
-                    $("#saveAct_progress").removeClass("fa fa-spinner fa-pulse");
-                });
-            });
-        });
-    });
-</script>
diff --git a/src/opnsense/mvc/app/views/OPNsense/Unboundplus/miscellaneous.volt b/src/opnsense/mvc/app/views/OPNsense/Unbound/miscellaneous.volt
similarity index 61%
rename from src/opnsense/mvc/app/views/OPNsense/Unboundplus/miscellaneous.volt
rename to src/opnsense/mvc/app/views/OPNsense/Unbound/miscellaneous.volt
index dda6369f2..7cdbd058d 100644
--- a/src/opnsense/mvc/app/views/OPNsense/Unboundplus/miscellaneous.volt
+++ b/src/opnsense/mvc/app/views/OPNsense/Unbound/miscellaneous.volt
@@ -1,5 +1,5 @@
 {#
- # Copyright (c) 2019 Deciso B.V.
+ # Copyright (c) 2019-2020 Deciso B.V.
  # Copyright (c) 2019 Michael Muenz <m.muenz@gmail.com>
  # All rights reserved.
  #
@@ -25,30 +25,34 @@
  # POSSIBILITY OF SUCH DAMAGE.
  #}
 
+ <script>
+     $(document).ready(function() {
+         var data_get_map = {'frm_miscellaneous_settings':"/api/unbound/miscellaneous/get"};
+         mapDataToFormUI(data_get_map).done(function(data){
+             formatTokenizersUI();
+             $('.selectpicker').selectpicker('refresh');
+         });
+         $("#saveAct").SimpleActionButton({
+            onPreAction: function() {
+                const dfObj = new $.Deferred();
+                saveFormToEndpoint("/api/unbound/miscellaneous/set", 'frm_miscellaneous_settings', function(){
+                    dfObj.resolve();
+                });
+                return dfObj;
+            }
+        });
+     });
+ </script>
+
 <div class="content-box" style="padding-bottom: 1.5em;">
     {{ partial("layout_partials/base_form",['fields':miscellaneousForm,'id':'frm_miscellaneous_settings'])}}
     <div class="col-md-12">
         <hr />
-        <button class="btn btn-primary" id="saveAct" type="button"><b>{{ lang._('Save') }}</b> <i id="saveAct_progress"></i></button>
+        <button class="btn btn-primary" id="saveAct"
+                data-endpoint='/api/unbound/service/reload'
+                data-label="{{ lang._('Save') }}"
+                data-error-title="{{ lang._('Error reloading unbound') }}"
+                type="button">
+        </button>
     </div>
 </div>
-
-<script>
-    $(function() {
-        var data_get_map = {'frm_miscellaneous_settings':"/api/unboundplus/miscellaneous/get"};
-        mapDataToFormUI(data_get_map).done(function(data){
-            formatTokenizersUI();
-            $('.selectpicker').selectpicker('refresh');
-        });
-
-        // link save button to API set action
-        $("#saveAct").click(function(){
-            saveFormToEndpoint(url="/api/unboundplus/miscellaneous/set", formid='frm_miscellaneous_settings',callback_ok=function(){
-                $("#saveAct_progress").addClass("fa fa-spinner fa-pulse");
-                ajaxCall(url="/api/unboundplus/service/reloadunbound", sendData={}, callback=function(data,status) {
-                    $("#saveAct_progress").removeClass("fa fa-spinner fa-pulse");
-                });
-            });
-        });
-    });
-</script>
diff --git a/src/opnsense/scripts/OPNsense/Unboundplus/dnsbl.py b/src/opnsense/scripts/OPNsense/Unboundplus/dnsbl.py
deleted file mode 100755
index 811a6ebc1..000000000
--- a/src/opnsense/scripts/OPNsense/Unboundplus/dnsbl.py
+++ /dev/null
@@ -1,197 +0,0 @@
-#!/usr/local/bin/python3
-
-# DNS BL script
-# Copyright 2020 Petr Kejval <petr.kejval6@gmail.com>
-
-# Downloads blacklisted domains from user specified URLs and "compile" them into unbound.conf compatible file
-
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in the
-#    documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-
-import re, urllib3, threading, subprocess
-
-re_blacklist = re.compile(r'(^127\.0\.0\.1[\s]+|^0\.0\.0\.0[\s]+)([0-9a-z_.-]+)(?:\s|$)|^([0-9a-z_.-]+)(?:\s|$)', re.I)
-re_whitelist = re.compile(r'$^') # default - match nothing
-blacklist = set()
-urls = set()
-
-predefined_lists = {
-    "aa": "https://adaway.org/hosts.txt",
-    "ag": "https://justdomains.github.io/blocklists/lists/adguarddns-justdomains.txt",
-    "bla": "https://blocklist.site/app/dl/ads",
-    "blf": "https://blocklist.site/app/dl/fraud",
-    "blp": "https://blocklist.site/app/dl/phishing",
-    "ca": "http://sysctl.org/cameleon/hosts",
-    "el": "https://justdomains.github.io/blocklists/lists/easylist-justdomains.txt",
-    "ep": "https://justdomains.github.io/blocklists/lists/easyprivacy-justdomains.txt",
-    "emd": "https://hosts-file.net/emd.txt",
-    "hpa": "https://hosts-file.net/ad_servers.txt",
-    "hpf": "https://hosts-file.net/fsa.txt",
-    "hpp": "https://hosts-file.net/psh.txt",
-    "hup": "https://hosts-file.net/pup.txt",
-    "nc": "https://justdomains.github.io/blocklists/lists/nocoin-justdomains.txt",
-    "rw": "https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt",
-    "mw": "http://malwaredomains.lehigh.edu/files/justdomains",
-    "pa": "https://raw.githubusercontent.com/chadmayfield/my-pihole-blocklists/master/lists/pi_blocklist_porn_all.list",
-    "pt": "https://raw.githubusercontent.com/chadmayfield/pihole-blocklists/master/lists/pi_blocklist_porn_top1m.list",
-    "sa": "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt",
-    "sb": "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts",
-    "st": "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt",
-    "ws": "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt",
-    "wsu": "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt",
-    "wse": "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt",
-    "yy": "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext"
-}
-
-def add_to_blacklist(domain):
-    """ Checks if domain is present in whitelist. If not, domain is addded to BL set. """
-    match = re_whitelist.match(domain)
-    if not match:
-        blacklist.add(domain)
-
-def parse_line(line):
-    """ Checks if line matches re_blacklist. If so, tries add domain to BL set. """
-    global blacklist
-    line = line.replace('\\t', " ")
-    line = line.replace('\\r', "")
-    match = re_blacklist.match(line)
-    if match:
-        if match.group(2) != None:
-            add_to_blacklist(match.group(2))
-        elif match.group(3) != None:
-            add_to_blacklist(match.group(3))
-
-def process_url(url):
-    """ Reads and parses blacklisted domains from URL into BL set. """
-    print(f"Processing BL items from: {url}")
-
-    try:
-        http = urllib3.PoolManager(timeout=5.0)
-        r = http.request('GET', url, retries=2)
-
-        if r.status == 200:
-            for line in str(r.data).split('\\n'):
-                parse_line(line)
-    except Exception as e:
-        print(str(e))
-
-def save_config_file():
-    """ Saves blacklist in unbound.conf format """
-    print(f"Saving {len(blacklist)} blacklisted domains into dnsbl.conf")
-
-    try:
-        with open("/var/unbound/etc/dnsbl.conf", 'w') as file:
-            # No domains found or DNSBL is disabled
-            if (len(blacklist) == 0):
-                file.write("")
-            else:
-                file.write('server:\n')
-                for line in blacklist:
-                    #file.write('local-zone: "' + str(line) + '" static\n')
-                    file.write('local-data: "' + str(line) + ' A 0.0.0.0"\n')
-    except Exception as e:
-        print(str(e))
-        exit(1)
-
-def load_list(path, separator=None):
-    """ Reads file with specified path into set to ensure unique values.
-    Splits lines with defined separator. If sperator==None no split is performed. """
-    result = set()
-
-    try:
-        with open(path, 'r') as file:
-            for line in file.readlines():
-                if not separator == None:
-                    for element in line.split(separator):
-                        result.add(element.replace('\n', ''))
-                else:
-                    result.add(line.replace('\n', ''))
-    except Exception as e:
-        print(str(e))
-
-    return result
-
-def load_whitelist():
-    """ Loads user defined whitelist in regex format and compiles it. """
-    print("Loading whitelist")
-    global re_whitelist
-    wl = load_list('/var/unbound/etc/whitelist.inc', ',')
-    wl.add(r'.*localhost$')
-    wl.add(r'^(?![a-zA-Z\d]).*') # Exclude domains NOT starting with alphanumeric char
-    print(f"Loaded {len(wl)} whitelist items")
-
-    try:
-        re_whitelist = re.compile('|'.join(wl), re.I)
-    except Exception as e:
-        print(f"Whitelist regex compile failed: {str(e)}")
-
-def load_blacklists():
-    """ Loads user defined blacklists URLs. """
-    print("Loading blacklists URLs")
-    global urls
-    urls = load_list('/var/unbound/etc/lists.inc', ',')
-    print(f"Loaded {len(urls)} blacklists URLs")
-
-def load_predefined_lists():
-    """ Loads user chosen predefined lists """
-    print("Loading predefined lists URLs")
-    global urls
-    lists = load_list('/var/unbound/etc/dnsbl.inc')
-    types = set()
-
-    for first in lists:
-        first = str(first).split('=')[1]
-        first = str(first).replace('"', '').replace('\n', '')
-        first = first.split(',')
-        for type in first:
-            types.add(type)
-        break
-
-    print(f"Loaded {len(types)} predefined blacklists URLs")
-
-    for type in types:
-        try:
-            urls.add(predefined_lists[type])
-        except KeyError:
-            continue
-        except Exception as e:
-            print(str(e))
-
-if __name__ == "__main__":
-    # Prepare lists from config files
-    load_whitelist()
-    load_blacklists()
-    load_predefined_lists()
-
-    # Start processing BLs in threads
-    threads = [threading.Thread(target=process_url, args=(url,)) for url in urls]
-    for t in threads:
-        t.start()
-    for t in threads:
-        t.join()
-
-    save_config_file()
-
-    print("Restarting unbound service")
-    subprocess.Popen(["pluginctl", "-s", "unbound", "restart"])
-    exit(0)
diff --git a/src/opnsense/service/conf/actions.d/actions_unbound.conf b/src/opnsense/service/conf/actions.d/actions_unbound.conf
index 62b284134..6bbf0ddb4 100644
--- a/src/opnsense/service/conf/actions.d/actions_unbound.conf
+++ b/src/opnsense/service/conf/actions.d/actions_unbound.conf
@@ -51,3 +51,10 @@ command:/usr/local/bin/flock -n -E 0 -o /tmp/unbound_start.lock /usr/local/opnse
 parameters:
 type:script
 message:Start Unbound
+
+[dnsbl]
+command:/usr/local/opnsense/scripts/unbound/dnsbl.py
+parameters:
+type:script
+message:fetching and applying DNSBLs
+description: Download Unbound DNSBLs and restart
diff --git a/src/opnsense/service/conf/actions.d/actions_unboundplus.conf b/src/opnsense/service/conf/actions.d/actions_unboundplus.conf
index e354a4e12..54045597a 100644
--- a/src/opnsense/service/conf/actions.d/actions_unboundplus.conf
+++ b/src/opnsense/service/conf/actions.d/actions_unboundplus.conf
@@ -1,5 +1,9 @@
+###################################################################
+# Compatibility layer, to be removed in a future version
+# - keeps old plugin cron jobs functional
+###################################################################
 [dnsbl]
-command:/usr/local/opnsense/scripts/OPNsense/Unboundplus/dnsbl.py
+command:/usr/local/opnsense/scripts/unbound/dnsbl.py
 parameters:
 type:script
 message:fetching and applying DNSBLs
diff --git a/src/opnsense/service/templates/OPNsense/Unbound/core/+TARGETS b/src/opnsense/service/templates/OPNsense/Unbound/core/+TARGETS
index 2c5f91d73..fb1629d57 100644
--- a/src/opnsense/service/templates/OPNsense/Unbound/core/+TARGETS
+++ b/src/opnsense/service/templates/OPNsense/Unbound/core/+TARGETS
@@ -1 +1,6 @@
 root.min.hints:/var/unbound/root.hints
+dnsbl.inc:/var/unbound/etc/dnsbl.inc
+whitelist.inc:/var/unbound/etc/whitelist.inc
+miscellaneous.conf:/var/unbound/etc/miscellaneous.conf
+dot.conf:/var/unbound/etc/dot.conf
+lists.inc:/var/unbound/etc/lists.inc
diff --git a/src/opnsense/service/templates/OPNsense/Unboundplus/dnsbl.inc b/src/opnsense/service/templates/OPNsense/Unbound/core/dnsbl.inc
similarity index 100%
rename from src/opnsense/service/templates/OPNsense/Unboundplus/dnsbl.inc
rename to src/opnsense/service/templates/OPNsense/Unbound/core/dnsbl.inc
diff --git a/src/opnsense/service/templates/OPNsense/Unboundplus/dot.conf b/src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf
similarity index 100%
rename from src/opnsense/service/templates/OPNsense/Unboundplus/dot.conf
rename to src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf
diff --git a/src/opnsense/service/templates/OPNsense/Unboundplus/lists.inc b/src/opnsense/service/templates/OPNsense/Unbound/core/lists.inc
similarity index 100%
rename from src/opnsense/service/templates/OPNsense/Unboundplus/lists.inc
rename to src/opnsense/service/templates/OPNsense/Unbound/core/lists.inc
diff --git a/src/opnsense/service/templates/OPNsense/Unboundplus/miscellaneous.conf b/src/opnsense/service/templates/OPNsense/Unbound/core/miscellaneous.conf
similarity index 100%
rename from src/opnsense/service/templates/OPNsense/Unboundplus/miscellaneous.conf
rename to src/opnsense/service/templates/OPNsense/Unbound/core/miscellaneous.conf
diff --git a/src/opnsense/service/templates/OPNsense/Unboundplus/whitelist.inc b/src/opnsense/service/templates/OPNsense/Unbound/core/whitelist.inc
similarity index 100%
rename from src/opnsense/service/templates/OPNsense/Unboundplus/whitelist.inc
rename to src/opnsense/service/templates/OPNsense/Unbound/core/whitelist.inc
diff --git a/src/opnsense/service/templates/OPNsense/Unboundplus/+TARGETS b/src/opnsense/service/templates/OPNsense/Unboundplus/+TARGETS
deleted file mode 100644
index 1166df58a..000000000
--- a/src/opnsense/service/templates/OPNsense/Unboundplus/+TARGETS
+++ /dev/null
@@ -1,5 +0,0 @@
-dnsbl.inc:/var/unbound/etc/dnsbl.inc
-whitelist.inc:/var/unbound/etc/whitelist.inc
-miscellaneous.conf:/var/unbound/etc/miscellaneous.conf
-dot.conf:/var/unbound/etc/dot.conf
-lists.inc:/var/unbound/etc/lists.inc