[Dnsmasq-discuss] feature request : NXDOMAIN all domains on network

dnsmasqlist2021 at rscubed.com dnsmasqlist2021 at rscubed.com
Fri Mar 19 16:23:05 UTC 2021


On Fri, 19 Mar 2021, James Feeney wrote:

> On 3/17/21 7:19 PM, dnsmasqlist2021 at rscubed.com wrote:
>>>> I would like to use it with the spamhaus DROP list (A list of bad
>>>> network blocks) to make all domains (known and currently unknown) on
>>>> those networks disappear.
>
> Hmm - how do you actually configure this?  Do you dynamically generate /etc/dnsmasq.conf, derived using the spamhaus DROP list?
>
> Could --ignore-address= and --bogus-nxdomain= be made to accept a file name or 
> file names of a file or files containing a list of CIDR network IP addresses?
> Perhaps --ignore-address-file= and --bogus-nxdomain-file= ?
>
> James


I am just going to do it dynamically with a script once a day...

Something like :

links -source https://www.spamhaus.org/drop/drop.txt |
   grep -v '^;' |
   grep -Eo '^[0-9]{1,3}[.][0-9]{1,3}[.][0-9]{1,3}[.][0-9]{1,3}[/][0-9]{1,2}' |
   awk '{print "bogus-nxdomain="$0}' > /etc/dnsmasq.d/SpamhausDROP.conf

I personally like the bogus-nxdomain better as it seems to return immediately
and ignore-address seems to time out.

Matt
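
A more defensive form of the daily update described above, as an added example that is not part of the original post: it range-checks every CIDR and keeps the previous file when a fetch yields no rules. The function names and the constructed sample input are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the sample
# data are assumptions made for illustration.

# Read DROP-format text on stdin ("CIDR ; reference", ';' starts a comment)
# and print one bogus-nxdomain= line per valid IPv4 CIDR. Anything else,
# such as an HTML error page from a failed fetch, is dropped.
drop_to_conf() {
    awk '{
        sub(/;.*/, "")                       # strip comment / list reference
        if (NF == 0) next
        if ($1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/) next
        split($1, p, "[./]")                 # p[1..4] octets, p[5] prefix
        for (i = 1; i <= 4; i++) if (p[i] + 0 > 255) next
        if (p[5] + 0 > 32) next
        printf "bogus-nxdomain=%d.%d.%d.%d/%d\n", p[1], p[2], p[3], p[4], p[5]
    }'
}

# Regenerate config file $2 from DROP text in file $1. The old file is
# replaced only when at least one rule was produced, so an empty or failed
# download never wipes the existing block list.
update_conf() {
    src=$1
    dest=$2
    tmp=$(mktemp "$(dirname "$dest")/.drop.XXXXXX") || return 1
    drop_to_conf < "$src" > "$tmp"
    if [ -s "$tmp" ]; then
        chmod 644 "$tmp" && mv -f "$tmp" "$dest"   # rename within one directory
    else
        rm -f "$tmp"
        return 1
    fi
}

# Constructed sample in the DROP text layout (documentation ranges, not list data).
sample_drop() {
    cat <<'EOF'
; constructed sample
192.0.2.0/24 ; SBL-EXAMPLE-1
198.51.100.0/25 ; SBL-EXAMPLE-2
203.0.113.300/24 ; octet out of range
203.0.113.0/33 ; prefix out of range
<html>502 Bad Gateway</html>
EOF
}

sample_drop | drop_to_conf
```

In a cron job, fetch the list to a temporary file first, call `update_conf` on it, and restart dnsmasq only when it returns success.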


