[Dnsmasq-discuss] Feature request = block-conf
Ercolino de Spiacico
bellocarico at hotmail.com
Sun Mar 27 07:52:52 UTC 2022
>> [ -f list.of.domain ] && { create the formatted configuration }
>>
>> would always fail at dnsmasq level if the list.of.domains doesn't exist
>> despite the file existence condition defined. I'm not sure this is meant
>> to be and/or if there's a smart workaround that can be used.
>
> I don't understand this, could you give more details.

Ok I have progressed on this point since. Basically I worked out that
dnsmasq is checking the script exit code, as I had something like this
in the script:

[ -f list.of.domain ] && { create the formatted configuration }

I just had to "force" the exit 0 to the command so:

[ -f list.of.domain ] && { create the formatted configuration } || { exit 0; }

This makes the script return exit 0 regardless and has --test
ignoring (rightly) any issue with that part of the script. Wanted, so
good enough for me.

> Note that having loaded the config, dnsmasq has to sort all the domains,
> which will be part of the time taken. Doing that once makes the lookups
> much faster.

As part of the adblock.domain formatting I feed it to dnsmasq after a
sort -u so somehow it's already sorted. Could this internal sorting be
optionally skipped?

> How long are you without DNS service?
>
It's proportional to the number of records in the adblock file. For
large lists, on a fast router it can easily go into 15+ seconds. This
happens relatively frequently on a router where external conditions
restart dnsmasq "just in case". So answering your question in detail,
given a relatively basic scripting config:
#######
DOMAINS="/tmp/adblock.domains"
# Download the hosts list, drop comments, blank lines and IPv6 entries,
# extract the domain names and de-duplicate them.
/usr/bin/wget --no-check-certificate -T 15 -q \
  -U "Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20100101 Firefox/98.0.1" \
  -O- https://hosts.oisd.nl \
  | grep -Ev '^#.*|^!.*|^::|^\s*?$|^([a-f0-9:]+:+)+[a-f0-9]+' \
  | grep -Eo '((([a-zA-Z]{1,2})|([0-9]{1,2})|([a-zA-Z0-9]{1,2})|([a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]))\.)+[a-zA-Z]{2,6}' \
  | sort -u > "$DOMAINS"
gzip /tmp/adblock.domains
echo "script-conf=/tmp/script.sh" >> /etc/dnsmasq.conf
# gzip replaced ${DOMAINS} with ${DOMAINS}.gz, so the generated script
# tests for the .gz file before decompressing it.
echo -e "#!/bin/sh\nset -e\n[ -f ${DOMAINS}.gz ] && /bin/zcat ${DOMAINS}.gz | /bin/sed -e \"s:^:address=/:\" -e \"s:$:/:\" || exit 0" > /tmp/script.sh
chmod 777 /tmp/script.sh
#######
At this point restarting should give you a magnitude of time. Of course
on a fast PC/VM this might not be that much, on a router where in the
best of the cases you have 2x 800/1000MHz the delay is surely noticeable.
This Internet list above (https://hosts.oisd.nl) is 40MB uncompressed,
the regex extracts domains-only so shrinking it to 60% of its original
size and the gzip compression shrinks much further. Decompressing and
scripting it up of course takes time.
> One possible solution is to add an option to dnsmasq which causes it to
> send SIGTERM to a process-id _after_ reading config and _before_ opening
> network sockets. That would delay stopping the old dnsmasq process until
> the new one is almost ready to go. Would require some clever scripting
> in the init system or systemd to make it work.
Right! Could you please share more details on this idea? It could be a
smart workaround indeed.
Thanks
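
An added example, not part of the original message or of dnsmasq: the generator from the script above written with an explicit `if`, so a missing list returns 0, next to the short `&&` form that returns 1, plus a permission check that a mode-777 script would fail. The function names gen_block_conf, short_form and script_perms_ok are hypothetical, and the hostname filter is an assumption about what a valid list line looks like.

```shell
#!/bin/sh
# Added example; gen_block_conf, short_form and script_perms_ok are
# hypothetical names, not part of dnsmasq or of the original script.

# Print one "address=/<domain>/" line per domain in the gzip'd list $1.
# A missing list is not an error: return 0 with no output, so a caller that
# checks the exit status (as the message reports dnsmasq does) is not failed.
gen_block_conf() {
    if [ ! -f "$1" ]; then
        return 0
    fi
    # Keep only lines made of hostname characters, so a malformed or
    # tampered list cannot add anything but address=/domain/ lines.
    gzip -dc "$1" \
        | grep -E '^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$' \
        | sed -e 's:^:address=/:' -e 's:$:/:'
}

# The short form from the message, for comparison: when the file test
# fails, the && list returns the status of `[`, which is 1.
short_form() {
    [ -f "$1" ] && gzip -dc "$1"
}

# Succeed only if $1 is a regular file that is not writable by group or
# other. A script that dnsmasq executes should pass; mode 777 does not.
script_perms_ok() {
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}
```
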