[Dnsmasq-discuss] What IP to use for ad/track blocking?

Bob Brown - Turboweb bob at turboweb.co.nz
Tue Feb 11 23:24:22 GMT 2014

I can't claim credit for this response as I asked a local guru I know 
and here is his response regarding the concept of whether there's a 
"null" IP you can use ...

Nope, not really ... but there are the reserved RFC1918 address ranges 
that could be used - 127/8, 10/8, 172.16/12, 192.168.0/16.
What this DNSmasq thing is doing it trying to 'throw away' requests for 
the specified sites completely, but in fact all it is doing is to 
provide an answer, just not the one they wanted. In this case the answer 
was '' and for the person on this post, they were testing *from 
the server* so of course they got the server's local HTTP service. If 
you tried it from a workstation, you'd not get the same result ... 
unless you had a web server installed on there as well. The default web 
servers listen to anything on 127/8 :-)

You can return any IP you want with dnsmasq, and if you return an 
address that doesn't exist you'll trigger a long timeout while the web 
browser waits for an answer ... so it's best to not do this at all. If 
you don't use the 10/8 network, you'd say 
address=/ihatethissite.com/ <http://ihatethissite.com/> ...

I note that all of the addresses in that example are effectively web 
services, so in this case the better option would be to have a web proxy 
on the network that filtered out those sites. The other common 
alternative is to have a web browser do the filtering (using an addon 
like NoScript or something); and of course you also keep another web 
browser handy that doesn't have those restrictions, just in case one day 
you need those sites ...


- Bob -

On 12/02/14 11:46, Gabriel wrote:
> I haven't tried it, but maybe will do the trick.
> On Feb 11, 2014 4:40 PM, "Chris Green" <cl at isbd.net 
> <mailto:cl at isbd.net>> wrote:
>     I have a few entries in my dnsmasq.conf file to block some tracking
>     sites, as follows:-
>         address=/www.addthis.com/
>     <http://www.addthis.com/>
>         address=/googlesyndication.com/
>     <http://googlesyndication.com/>
>         address=/google-analytics.com/
>     <http://google-analytics.com/>
>         address=/googleadservices.com/
>     <http://googleadservices.com/>
>         address=/doubleclick.net/
>     <http://doubleclick.net/>
>         address=/finder.cox.net/
>     <http://finder.cox.net/>
>     However this means that my web server gets the hits instead if the
>     requests are HTTP ones.  I.e. if I enter www.addthis.com
>     <http://www.addthis.com> into the
>     Firefox address it takes me to my local web server's root page.
>     Is there any IP I can put there which will prevent this - i.e. which
>     is a sort of 'do nothing' IP?  I've tried but that takes me to
>     the local page in exactly the same way as
>     --
>     Chris Green
>     _______________________________________________
>     Dnsmasq-discuss mailing list
>     Dnsmasq-discuss at lists.thekelleys.org.uk
>     <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
>     http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

*Turboweb Limited*
Bob Brown (about me) 
Web Developer 	Turboweb
Ph: +64 3 474 5953
	23 Vogel St
Dunedin 9016
New Zealand

*Note: For prompt attention for all support issues, please email 
support at turboweb.co.nz <mailto:support at turboweb.co.nz>.*

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20140212/0b4a44bc/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: turboweb-s.jpg
Type: image/jpeg
Size: 1927 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20140212/0b4a44bc/attachment-0001.jpg>

More information about the Dnsmasq-discuss mailing list