[Dnsmasq-discuss] Best practice for using Dnsmasq to block advertisements

imnozi at gmail.com imnozi at gmail.com
Tue Aug 16 06:29:17 UTC 2022 

Neil,

For what it's worth, I used the 'local=/FQDN/' format (no IP addr specified) for around 800k entries. This makes dnsmasq grow about 100MiB when running. It still starts up fast, and there is a very small but measurable increase in resolution time. But it works very well (for me) to block ads, pron, warez, and other undesirable hosts. (When I find the time, I'll figure out how to add the 100k IP addrs in the blocklists I use to a netfilter ipset to block them as well.)

I can't answer the question concerning systemd or the one about internationalized FQDNs.

Neal


On Mon, 15 Aug 2022 10:32:57 +0100
Neil Darlow via Dnsmasq-discuss <dnsmasq-discuss at lists.thekelleys.org.uk> wrote:

> Hi,
> 
> I've been using Dnsmasq successfully to manage DNS and DHCP for my home
> services for a while now and I thank you for this excellent piece of
> software.
> 
> I'm now seeking to implement an Ad-blocking solution using Dnsmasq and
> have seen various methods available:
> 1) The address= format
> 2) The server= format
> 3) The conventional /etc/hosts format
> 
> In exploring these methods I find that (1) is quite inefficient, (2)
> seems to prevent Dnsmasq starting under Systemd with a large number of
> entries and (3) seems viable except for one issue.
> 
> The /etc/hosts format seems to complain about Punycode/IDN formatted
> hostnames to the extent that a large number of them floods the systemd
> journal. I get the impression that resolution does work for those
> entries though.
> 
> What are people's thoughts on using Dnsmasq in this role and can these
> "bad name" errors for internationalized hostnames in addn-hosts= be
> mitigated/eliminated somehow?
> 
> For reference, I am using dnsmasq-2.86 on archlinuxARM and it is built
> with libidn2 support.
> 
> TIA,
> Neil Darlow
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

More information about the Dnsmasq-discuss mailing list