On 2020-06-15 11:52 a.m., Jon Tabor wrote:
On Fri, Jun 12, 2020 at 04:33:08PM -0700, Jordan Geoghegan wrote:
On 2020-06-12 14:01, George wrote:
On 2020-06-12 3:41 p.m., Maurice McCarthy wrote:
You could have a look at
https://www.geoghegan.ca/unbound-adblock.html and
https://www.geoghegan.ca/pfbadhost.html
Simply great! Will definitely try these out.
Merci!
George
Hey there,
I'm the author of those scripts. In response to concerns about
heavyness/memory use of DNS blocklists: unbound-adblock is pretty light on
memory (~30MB of RAM usage) as we serve NXDOMAIN responses instead of
redirecting to 0.0.0.0 etc. By doing this we save a massive amount of memory
that would otherwise be spent mapping each domain to a black hole address. I
run unbound-adblock on many Edgerouter Lites and havent had any issues.
Regards,
Jordan Geoghegan
I'm using these scripts (or a version of them; I've had them in for a
while), and it's using NXDOMAIN which loads way faster and uses a lot
less memory. I also slightly tweaked the script I have to include a
whitelist file, as my wife keeps finding sites that simply won't work
properly. It simply calls sed to remove lines from the
unbound-adhosts.conf file
Works great. I also set up pf to redirect all DNS queries to my local
instance of unbound, so you can't easily bypass it (unless you use DNS
over HTTPS).
Jon Tabor
tab...@obsolete.site
Thanks for sharing, this is good to know!
