[kwlug-disc] DNS Black Hole server
Khalid Baheyeldin
kb at 2bits.com
Fri May 19 19:51:27 EDT 2017
A couple of years ago, I wanted to implement a network-wide ad blocking
scheme. Since I am using OpenWRT, I came up with the script below, based on
some recipes online.

The whole idea is to add to dnsmasq a list of domains that are aliased to
either 0.0.0.0 or 127.0.0.1. You then make the OpenWRT device your only DNS
server. The script updates the list once a week.

For some reason, I never enabled it. Perhaps because uBlock Origin took
care of ads on my laptop and my tablet. Or maybe because the list is
over 66,500 long and I was concerned that it would slow my router. I don't
remember.

Maybe someone can find this useful. Please report back if you try it.
#!/bin/sh
# For OpenWRT
# Grab and sort a list of adservers and malware hostnames, and block them
# Install this file in /etc/custom/adblock.sh
# Add it to cron by pasting the following line to System -> Scheduled Tasks
# 0 4 * * 1 sh /etc/custom/adblock.sh

# Hosts-format lists to fetch, one per line (the scheme is added in the loop)
URL_LIST="
pgl.yoyo.org/adservers/serverlist.php?showintro=1;hostformat=hosts;mimetype=plaintext
winhelp2002.mvps.org/hosts.txt
www.malwaredomainlist.com/hostslist/hosts.txt
hosts-file.net/ad_servers.txt
"

BLOCK_LIST=/etc/custom/block.hosts
TMP_LIST=/tmp/block.list

# Check proper DHCP config and, if necessary, update it
if ! uci get 'dhcp.@dnsmasq[0].addnhosts' > /dev/null 2>&1; then
    uci add_list "dhcp.@dnsmasq[0].addnhosts=$BLOCK_LIST" &&
    uci commit
fi

CUSTOM_LIST=$(uci get 'dhcp.@dnsmasq[0].addnhosts')

# Delete the old blocked hosts to make room for the updates
rm -f "$BLOCK_LIST"

# Empty the temp file
: > "$TMP_LIST"

# Download and process the files needed to make the lists
# ($URL_LIST is left unquoted on purpose so it splits into one URL per word)
for URL in $URL_LIST
do
    wget -qO- "http://$URL" >> "$TMP_LIST"
done

# If we have a custom file, then include it too
# (addnhosts normally points at $BLOCK_LIST, which was just removed, so this
# only fires when addnhosts was already set to a different file)
if [ -s "$CUSTOM_LIST" ]; then
    cat "$CUSTOM_LIST" >> "$TMP_LIST"
fi

# Remove the Microsoft Carriage Return ^M, then sort the lists
# (stripping first lets sort -u drop entries that differ only by ^M)
sed -e 's/\r//g' "$TMP_LIST" |
    sort -u > "$BLOCK_LIST"

# Delete files used to build list to free up the limited space
rm -f "$TMP_LIST"

# Tell dnsmasq to re-read its configuration
killall -HUP dnsmasq

exit 0
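
Added example, not part of the original post: the lists are fetched over plain HTTP and handed to dnsmasq as extra hosts files, so this filter keeps only entries that point a syntactically valid hostname at 0.0.0.0 or 127.0.0.1 and drops everything else (other addresses, error pages, junk). The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): keep only sinkhole entries
# from a downloaded hosts-format list before dnsmasq reads it.

# filter_blocklist: reads hosts-format text on stdin, writes
# "0.0.0.0 <hostname>" lines on stdout, sorted and de-duplicated.
filter_blocklist() {
    tr -d '\r' | awk '
    {
        sub(/#.*/, "")                  # drop comments
        if (NF < 2) next                # blank or malformed line
        # Only sinkhole addresses pass; any other address would make
        # dnsmasq answer with an IP chosen by whoever supplied the list.
        if ($1 != "0.0.0.0" && $1 != "127.0.0.1") next
        for (i = 2; i <= NF; i++) {
            h = tolower($i)
            if (h == "localhost" || h ~ /^localhost\./) continue
            if (length(h) > 253) continue
            # dotted name made of letters, digits, hyphen, underscore
            if (h !~ /^[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?(\.[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?)+$/) continue
            print "0.0.0.0", h
        }
    }' | sort -u
}

# Constructed sample input (CRLF line endings), not real list data
sample_list() {
    printf '%s\r\n' \
        '# constructed sample' \
        '127.0.0.1 localhost' \
        '127.0.0.1  ads.example.com' \
        '0.0.0.0 ADS.example.com tracker.example.net # two names' \
        '203.0.113.7 bank.example.org' \
        '0.0.0.0 bad!host.example.com' \
        '<html><body>502 Bad Gateway</body></html>'
}

sample_list | filter_blocklist
```

In the script above, the filter would sit in the pipe between "wget -qO-" and the append to $TMP_LIST.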