<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:#444444">For the purposes of blocking subdomains of known-bad domains I definitely want the "free" wildcard functionality so I'll continue using what I'm using.  Thanks for the information!</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:#444444"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:#444444">--Mike </div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Feb 19, 2017 at 11:10 AM, Simon Kelley <span dir="ltr"><<a href="mailto:simon@thekelleys.org.uk" target="_blank">simon@thekelleys.org.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
There are two ways to do this: one is the way you have.<br>
<br>
The second is  using either a file in the same format as /etc/hosts<br>
and --addn-hosts, using --host-record.<br>
<br>
Either probably have similar memory-footprint implications, but the<br>
first does wildcards, so your example actually matches<br>
<a href="http://www.example.com" rel="noreferrer" target="_blank">www.example.com</a>, <a href="http://mail.example.com" rel="noreferrer" target="_blank">mail.example.com</a> etc. The second doesn't do<br>
wildcards, but will be much faster as you go through the next couple<br>
of orders of magnitude.<br>
<br>
There are no hard limits, but there are always pratical limits.<br>
<br>
<br>
Cheers,<br>
<br>
Simon.<br>
<span class=""><br>
On 16/02/17 19:19, Mike Lee wrote:<br>
> Hi folks, I'm redirecting undesirable domains to a "black hole" to<br>
> prevent normal DNS resolution.<br>
><br>
> Specifically, I have this line in my dnsmasq.conf:<br>
><br>
> conf-file=/etc/dnsmasq-<wbr>blackhole.conf<br>
><br>
> That file in turn has multiple lines of the form:<br>
><br>
</span>> address=/<a href="http://example.com/127.0.0.1" rel="noreferrer" target="_blank">example.com/127.0.0.1</a> <<a href="http://example.com/127.0.0.1" rel="noreferrer" target="_blank">http://example.com/127.0.0.1</a>><br>
<span class="">><br>
> I just recently added a new source of domains from<br>
</span>> <a href="http://malwaredomains.com" rel="noreferrer" target="_blank">malwaredomains.com</a> <<a href="http://malwaredomains.com" rel="noreferrer" target="_blank">http://malwaredomains.com</a>>, and my<br>
<span class="">> blackhole.conf has now ballooned to roughly 20k lines.  Those 20k<br>
> lines appear to consume about 3MB of memory.  The daemon appears to<br>
> be running fine, but memory aside, for future reference is there a<br>
> practical or hard limit to how this type of configuration will<br>
> scale?  Will it gracefully handle 200k such domain configuration<br>
> lines? 2M lines?<br>
><br>
> Thanks!<br>
><br>
> --Mike<br>
><br>
><br>
</span>> ______________________________<wbr>_________________ Dnsmasq-discuss<br>
> mailing list <a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.<wbr>thekelleys.org.uk</a><br>
> <a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">http://lists.thekelleys.org.<wbr>uk/mailman/listinfo/dnsmasq-<wbr>discuss</a><br>
><br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v2.0.22 (GNU/Linux)<br>
<br>
iQIcBAEBCAAGBQJYqd9/<wbr>AAoJEBXN2mrhkTWi2EMP/<wbr>RmPgJFhIBn9en2hl6RTAQYR<br>
YEC2NWt+8qdI0u6MyQUTqqtXVvM3b+<wbr>AcuxX1OhQEfFu8NRgm03LcIYAAVNXR<wbr>d73+<br>
CkF9/<wbr>t7lzGRsgo6RwJG9xDnJaFVaE93J0eC<wbr>RzEm7PhdLWH7BuBhIUM5TAfmIKL4v<br>
TKsFLOv5H0bZONq29UpBcO19MzRGC6<wbr>JnsCzBSgLJbz+UK+n0y60HLdc+<wbr>xegWGT68<br>
EmdZXyMA6mYCEw0p0Q3UUGgclAQzd7<wbr>XTkiwKezdZmfUK6t0UICLnmz907D7b<wbr>3Frn<br>
6rqW0Mh7o8rMQBk7LGXB+<wbr>W5zQpswXV8wNtg2aUboEECqa9lHBZd<wbr>d071Nf+M1SLcv<br>
ybheNLrsXoIct9elTo9U9b6bqRgJUY<wbr>XaRwDXviYCqCif41mnf51K9KDJP3kw<wbr>M/we<br>
NSLUqmYTnDkiEFrOXQHhLAkosKbs17<wbr>B4+7jCIJk8D+<wbr>6PInBpStc0Ms3PAp0fwK+o<br>
wC8Mus7dOQU/1nMu4vSjyOD+<wbr>CYOTGLqWotaOLIqAtIdfF/<wbr>Z1zsgwWdezDux3tK9v<br>
FwsXfBoA60pdWBZlhvMIYAtjyEvWM6<wbr>tjKESUEfJ73nnbWRk1mj6g4eqSfFm/<wbr>IKA/<br>
PRpo0nHSQ69rw9YQt9CF5AgnjU7YAv<wbr>CjptlDDwsoJRmLEf6tIJrqp29I9Y+<wbr>M8506<br>
iRDOQreoY3ZUVwsUPaEn<br>
=SQMw<br>
-----END PGP SIGNATURE-----<br>
<br>
______________________________<wbr>_________________<br>
Dnsmasq-discuss mailing list<br>
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.<wbr>thekelleys.org.uk</a><br>
<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">http://lists.thekelleys.org.<wbr>uk/mailman/listinfo/dnsmasq-<wbr>discuss</a><br>
</blockquote></div><br></div>