Comments
-
@A-C-E I also want to be able to block domains containing a string, pi-hole can't do that :/
-
@heymyrthe That one is just an example/for testing as I visit it often and is fast to type :)
-
@-BSD Improving it now with for example custom lists of domains integrated with surveillance programs, it doesn't say it for everything anymore.
You can load custom hosts files into redis as well -
My brain has finally figured out that such posts are by linuxxx, even without opening the rant to read.
-
Unless you are blocking all outgoing dns requests (a good network practice), it's kind of pointless.
Anyway it would be easier to black-hole the zone in Bind. -
That's quite dope tbh (I tried this once but failed miserably).
But why use PHP for this? (just wondering) -
@FinlayDaG33k Because I can program in php nearly without searching for stuff online :)
-
@linuxxx Fair enough xD
Can't wait for it to become open-source :)
Might fork it and build a "nice" web-interface for it.
Might be interesting to create a pi-hole alternative with this as if I understood you correctly, you can also block domains based on a certain string (for example: *ad* or *.adsense.*)? -
@FinlayDaG33k Yes, literally does matches based on strings. So if you add .adsense., it blocks anything containing .adsense. :)
-
@linuxxx dope :)
Though something that always bothered me with the pihole was that it was a pain in the buttocks to create an exception for a specific machine.
Like: I use adsense to provide ads on one of "my" sites (bosses call) so I have to temporarily allow everything on adsense.com in that specific session... -
@linuxxx It would be nice to have something like an extension for that in the browser so we don't have to open the dashboard itself all the time.
Could be a hassle, but imo worth the effort in the long run -
@FinlayDaG33k My first prio is to somehow get this fucker to be reachable from the outside. I can't get it to freaking work, checked firewall stuff etc etc but nope :(
-
@linuxxx by "outside" I hope you mean "other machines on the LAN"...
Also, you get a connection refused or?
You probably already checked it with a `netstat` to see if it even is listening on the port you're trying to use?
If you want a more real-time chat with me, you can get my signal number by sending me a mail at: me[at-thing]<devrant username>.nl -
@FinlayDaG33k Yeah that and yes I netstatted, nmapped and so on and so on. It's listening on the right port and ip. port opened, firewall entirely disabled etc etc but nope :(
Email is away! -
-
@linuxxx Cool, so can you perform regex matching on the request, and block, allow or return a completely arbitrary IP address? That'd be awesome!
-
@DRSDavidSoft Not a regex in my case but yeah I can match against strings. I can return anything I want aha
-
garrettw2647y I love to see people writing stuff in PHP not because it's the best option but because they can. I do similar stuff sometimes. lol it's like getting Windows running on devices that normally wouldn't run it.
-
@linuxxx Just because a car is built for the average road, doesn't mean you can turn it into a race car ;)
-
@linuxxx because it's a shitty language that is slow and inferior to C# and C++ </sarcasm>
-
@linuxxx
Because an app or piece of hardware can use whatever dns server it wants. A Googlecast for instance uses Google dns servers despite whatever you give it in dhcp.
Add an iptables rule at the exit gateway redirecting all dns requests to your dns server. -
@linuxxx would it be possible to redirect font.google.com to an according mirror or is ssl standing in the way?
-
@MurmeltierS it basically checks the DNS request against a list of domains he has in his blacklist.
If it's in there, it will get blocked, if not, it will proxy the request upstream. -
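The check-then-forward decision described in the comments above, as an added Python example (not linuxxx's PHP code, which does not appear on this page). The blocklist entries, function names and sample queries are constructed for illustration; the parser also rejects malformed question names rather than reading past the packet.

```python
import struct

# Constructed blocklist: plain substrings, matched as described in the thread.
BLOCKED_SUBSTRINGS = [".adsense.", "doubleclick"]

def parse_qname(packet: bytes) -> str:
    """Extract the question name from a raw DNS query (RFC 1035 wire format)."""
    if len(packet) < 12:
        raise ValueError("short header")
    if struct.unpack("!H", packet[4:6])[0] != 1:
        raise ValueError("expected exactly one question")
    labels, pos, total = [], 12, 0
    while True:
        if pos >= len(packet):
            raise ValueError("truncated name")
        length = packet[pos]
        if length == 0:
            break
        if length > 63:  # also refuses compression pointers (0xC0..), so no pointer loops
            raise ValueError("bad label length")
        label = packet[pos + 1:pos + 1 + length]
        if len(label) != length:
            raise ValueError("truncated label")
        total += length + 1
        if total > 254:  # 255-octet limit on the encoded name
            raise ValueError("name too long")
        labels.append(label.decode("ascii", "replace").lower())
        pos += 1 + length
    return ".".join(labels)

def decide(packet: bytes) -> tuple:
    """Return (action, name): 'block', 'forward' upstream, or 'drop' if malformed."""
    try:
        name = parse_qname(packet)
    except ValueError:
        return ("drop", "")
    for needle in BLOCKED_SUBSTRINGS:
        if needle in name:  # substring match, not regex
            return ("block", name)
    return ("forward", name)

def build_query(name: str) -> bytes:
    """Constructed sample input: an A/IN query for `name`."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)
```

Names are lowercased before matching because DNS names are case-insensitive, so mixed-case queries do not slip past the list.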
@Root @-BSD @heymyrthe @sergeyBrin @sugoi Not sure if you people are still interested but I finally got it to work on a vps of mine.
Working through extensive testing (mostly for security vulnerabilities, already fixed a few DoS ones) right now and going to try to improve the way I match queries against blocked hosts. -
it's been 2 years now, still waiting for sauce D: (am working on a DNS server atm as well and can't get my head around all this stuff D:
-
@FinlayDaG33k @Root I actually "finished" it ages ago, just stopped using it myself!
I'll see if I can find the project and put it online somewhere :)
Related Rants
The DNS server I'm writing in PHP (largely taken from another project) is starting to work!
Next to just blocking queries it logs every blocked query so I can have stats :3
A little terminal output:
rant
dns server
block those fuckers
php