[Dnsmasq-discuss] Add blacklist feature

dnsmasq at lists.bod.org dnsmasq at lists.bod.org
Thu Apr 8 01:51:52 BST 2010


My dnsmasq.conf consists of the single line:

conf-dir=/etc/dnsmasq.d

...and I keep a number of config files in /etc/dnsmasq.d - one for 
general config options, another for DHCP options, a third for static IP 
allocations (including by MAC address via DHCP), etc. So just dropping a 
new 'adservers' file into /etc/dnsmasq.d and restarting it will cause 
the new list to be picked up.

Also has the advantage that if a misguided package upgrade also 
'upgrades' my dnsmasq.conf file, I can restore normal operation very 
easily ;)

-- Paul

Don Muller wrote:
>
> *From:* dnsmasq at lists.bod.org [mailto:dnsmasq at lists.bod.org]
> *Sent:* Wednesday, April 07, 2010 6:14 PM
> *To:* Don Muller
> *Cc:* Dnsmasq-discuss at lists.thekelleys.org.uk
> *Subject:* Re: [Dnsmasq-discuss] Add blacklist feature
>
>  
>
> It's possible to do this without modifications today. I'm using a cron 
> job:
>
> #!/bin/sh
> wget --quiet --output-document=/etc/dnsmasq.d/adservers \
> "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq&showintro=0&mimetype=plaintext&useip=127.0.0.1" 
> <http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq&showintro=0&mimetype=plaintext&useip=127.0.0.1>
> /etc/init.d/dnsmasq restart
>
> If you use a different source for the blacklist, a little sed or awk 
> in necessary to reformat the list, but it just so happens that the 
> adservers list is available natively in dnsmasq format.
>
> Not to say that adding some blacklist functionality to dnsmasq doesn't 
> have its plus points, of course. Though I think I'd rather the 
> implementation stays with a single cache and adds a flag to mark an 
> entry as 'evil', than another cache is added solely for that purpose. 
> I'd like to see RBLs supported too (is that what you meant by 
> 'blacklist servers'?).
>
> -- Paul
>
> p.s. BTW, are you aware of the web content filtering features OpenDNS 
> provides? guess it depends what kind of blacklisting you're seeking.
>
>   
>
>  
>
> Hi Paul,
>
>  
>
> Very nice. How do you reference the adservers file in the dnsmasq.conf 
> file?
>
>  
>
> Yes I mean RBLs when I said blacklist.
>
>  
>
> Don
>
>  
>
>  
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20100407/2889eb21/attachment.htm 


More information about the Dnsmasq-discuss mailing list