[kwlug-disc] DNS Black Hole server

Chamunks chamunks at gmail.com
Sat May 20 15:27:47 EDT 2017 

I've always wanted to do something like the dns black hole but with my edge
router and for not just the 100,000 someodd adservers that are blocked by
the pi hole but a bunch of other nefarious agencies.

Catch anything that matches an IP in the iblocklist lists and black hole
them or just redirect them to pictures of cats or something​. Maybe if you
click the cat have it whitelist the IP for a little while.

On Fri, May 19, 2017, 11:23 PM B.S. <bs27975.2 at gmail.com> wrote:

> You could always redirect DNS queries on your OpenWRT to something you
> think more capable on your net. I thought about running PGL on my
> OpenWRT too, but figured the blacklists would drown it. In the end,
> you're limited by your provider's speed, and one or both of your local
> DNS servers will cache, so the burden on OpenWRT and the other might not
> be too onerous.
>
> - https://sourceforge.net/p/peerguardian/wiki/pgl-Install-DebianUbuntu/
>
> For Android I've been using  AdAway - downloads lists, and optionally a
> server redirecting things via a dynamically built hosts file to itself.
> Seems to be gone from play store, but F-Droid seems to have it at
> https://f-droid.org/repository/browse/?fdid=org.adaway
>
>
> There's also
> https://play.google.com/store/apps/details?id=com.honeybadger , an
> iptables firewall.
>
> On 05/19/2017 09:13 PM, Ronald Barnes wrote:
> > Khalid Baheyeldin wrote on 2017-05-19 07:51 PM:
> >
> >> The whole idea is to add to dnsmasq a list of domains that are aliased
> >> to either 0.0.0.0 or 127.0.0.1.
> >
> > I have (had) a bind server doing that (127.0.0.1), but of course, then
> > my phone made a query to itself. Probably not a big deal, but didn't
> > know how to make bind reply with NXDOMAIN in such instances.
> >
> > Anyone know how that would be done?
> >
> >
> >
> >> the list list
> >> is over 66,500 long and I was concerned that it would slow my router.
> >
> > That's impressively large.
> >
> >
> >> Maybe someone can find this useful. Please report back if you try it.
> >
> > I may give it a whirl and see if it impacts response time.
> >
> >
> > Thanks!
> >
> > _______________________________________________
> > kwlug-disc mailing list
> > kwlug-disc at kwlug.org
> > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20170520/72894f51/attachment.htm>

More information about the kwlug-disc mailing list