Talk:Using Unbound as an Ad-blocker: Difference between revisions

From Alpine Linux
m (Added a suggestion that includes a massive codeblock. Not sure how to work it in the article.)
(Done.)
 
Line 1: Line 1:
==Proposal to remove entire background section==
I think that the background section adds NOTHING to this article. The article is about unbound, but the entire background section seems to refer to pi-hole... It's funny because the article title doesn't mention pi-hole at all. Unbound is a perfectly functional way to add advertising blocking without any of the pi-hole nonsense.
I propose that the background section either be completely removed, or at least stripped of ridiculous formatting and references to pi-hole.
&ndash;[[User:zcrayfish|zcrayfish]] <small>([[User talk:zcrayfish|talk]]•[[Special:Contributions/zcrayfish|contribs]]•[[Special:EmailUser/zcrayfish|send email]])</small> 06:32, 15 February 2024 (UTC)
==Mention of modern browsers' attempts to bypass DNS blocking of ad servers==
==Mention of modern browsers' attempts to bypass DNS blocking of ad servers==
The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like:
The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like:

Latest revision as of 03:47, 16 February 2024

Mention of modern browsers' attempts to bypass DNS blocking of ad servers

The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like: 

server:
#These three domains require special handling
local-zone: "resolver.arpa" redirect
local-zone: "doh.dns.apple.com" redirect
local-zone: "use-application-dns.net" always_nxdomain
local-zone: "cloudflare-dns.com" static
local-zone: "dns-tunnel-check.googlezip.net" always_refuse
#All other domains, lie and provide our own IP
local-data: "doh.dns.apple.com.v.aaplimg.com. 120 IN A 192.168.0.1"
local-data: "doh.42l.fr. 120 IN A 192.168.0.1"
local-data: "i.233py.com. 120 IN A 192.168.0.1"
local-data: "i.233py.com.a.bdydns.com. 120 IN A 192.168.0.1"
local-data: "opencdn.jomodns.com. 120 IN A 192.168.0.1"
local-data: "dns.233py.com. 120 IN A 192.168.0.1"
local-data: "dns.233py.com.cdn.cloudflare.net. 120 IN A 192.168.0.1"
local-data: "edns.233py.com. 120 IN A 192.168.0.1"
local-data: "ndns.233py.com. 120 IN A 192.168.0.1"
local-data: "sdns.233py.com. 120 IN A 192.168.0.1"
local-data: "wdns.233py.com. 120 IN A 192.168.0.1"
local-data: "dns-gcp.aaflalo.me. 120 IN A 192.168.0.1"
local-data: "dns-nyc.aaflalo.me. 120 IN A 192.168.0.1"
local-data: "dns.aaflalo.me. 120 IN A 192.168.0.1"
local-data: "doh.abmb.win. 120 IN A 192.168.0.1"
local-data: "doh2.abmb.win. 120 IN A 192.168.0.1"
local-data: "dns.adguard.com. 120 IN A 192.168.0.1"
local-data: "dns-family.adguard.com. 120 IN A 192.168.0.1"
local-data: "dns-unfiltered.adguard.com. 120 IN A 192.168.0.1"
local-data: "dns.adguard-dns.com. 120 IN A 192.168.0.1"
local-data: "family.adguard-dns.com. 120 IN A 192.168.0.1"
local-data: "unfiltered.adguard-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.nl.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.in.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.la.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.ny.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.pl.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.it.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.es.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.no.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.chi.ahadns.net. 120 IN A 192.168.0.1"
local-data: "doh.au.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.nl.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.in.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.la.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.ny.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.pl.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.it.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.es.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.no.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.chi.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dot.au.ahadns.net. 120 IN A 192.168.0.1"
local-data: "dnses.alekberg.net. 120 IN A 192.168.0.1"
local-data: "dnsnl.alekberg.net. 120 IN A 192.168.0.1"
local-data: "dnsse.alekberg.net. 120 IN A 192.168.0.1"
local-data: "dns.alidns.com. 120 IN A 192.168.0.1"
local-data: "doh.appliedprivacy.net. 120 IN A 192.168.0.1"
local-data: "doh.applied-privacy.net. 120 IN A 192.168.0.1"
local-data: "dot1.applied-privacy.net. 120 IN A 192.168.0.1"
local-data: "doh.armadillodns.net. 120 IN A 192.168.0.1"
local-data: "dohtrial.att.net. 120 IN A 192.168.0.1"
local-data: "doh1.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh1.b-cdn.net. 120 IN A 192.168.0.1"
local-data: "doh2.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh2.b-cdn.net. 120 IN A 192.168.0.1"
local-data: "dot-ch.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh-ch.blahdns.com. 120 IN A 192.168.0.1"
local-data: "dot-fi.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh-fi.blahdns.com. 120 IN A 192.168.0.1"
local-data: "dot-de.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh-de.blahdns.com. 120 IN A 192.168.0.1"
local-data: "dot-jp.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh-jp.blahdns.com. 120 IN A 192.168.0.1"
local-data: "dot-sg.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh-sg.blahdns.com. 120 IN A 192.168.0.1"
local-data: "doh.blockerdns.com. 120 IN A 192.168.0.1"
local-data: "doh.bortzmeyer.fr. 120 IN A 192.168.0.1"
local-data: "dns.brahma.world. 120 IN A 192.168.0.1"
local-data: "bravedns.com. 120 IN A 192.168.0.1"
local-data: "doh.captnemo.in. 120 IN A 192.168.0.1"
local-data: "ibuki.cgnat.net. 120 IN A 192.168.0.1"
local-data: "canadianshield.cira.ca. 120 IN A 192.168.0.1"
local-data: "dns.cloudflare.com. 120 IN A 192.168.0.1"
local-data: "one.one.one.one. 120 IN A 192.168.0.1"
local-data: "cloudflare-gateway.com. 120 IN A 192.168.0.1"
local-data: "doh.cleanbrowsing.org. 120 IN A 192.168.0.1"
local-data: "security-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1"
local-data: "adult-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1"
local-data: "family-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1"
local-data: "dns.cmrg.net. 120 IN A 192.168.0.1"
local-data: "commons.host. 120 IN A 192.168.0.1"
local-data: "dns.containerpi.com. 120 IN A 192.168.0.1"
local-data: "dohdot.coxlab.net. 120 IN A 192.168.0.1"
local-data: "doh.crypto.sx. 120 IN A 192.168.0.1"
local-data: "jit.ddns.net. 120 IN A 192.168.0.1"
local-data: "dns.decloudus.com. 120 IN A 192.168.0.1"
local-data: "doh.defaultroutes.de. 120 IN A 192.168.0.1"
local-data: "dns.developer.li. 120 IN A 192.168.0.1"
local-data: "dns2.developer.li. 120 IN A 192.168.0.1"
local-data: "dns.digitale-gesellschaft.ch. 120 IN A 192.168.0.1"
local-data: "dns1.digitale-gesellschaft.ch. 120 IN A 192.168.0.1"
local-data: "dns2.digitale-gesellschaft.ch. 120 IN A 192.168.0.1"
local-data: "doh.disconnect.app. 120 IN A 192.168.0.1"
local-data: "ns1.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1"
local-data: "ns2.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1"
local-data: "dnsforge.de. 120 IN A 192.168.0.1"
local-data: "dns.google. 120 IN A 192.168.0.1"
local-data: "dns.dnshome.de. 120 IN A 192.168.0.1"
local-data: "dns1.dnscrypt.ca. 120 IN A 192.168.0.1"
local-data: "dns2.dnscrypt.ca. 120 IN A 192.168.0.1"
local-data: "doh.dnslify.com. 120 IN A 192.168.0.1"
local-data: "a.ns.dnslify.com. 120 IN A 192.168.0.1"
local-data: "b.ns.dnslify.com. 120 IN A 192.168.0.1"
local-data: "a.safe.ns.dnslify.com. 120 IN A 192.168.0.1"
local-data: "b.safe.ns.dnslify.com. 120 IN A 192.168.0.1"
local-data: "a.family.ns.dnslify.com. 120 IN A 192.168.0.1"
local-data: "b.family.ns.dnslify.com. 120 IN A 192.168.0.1"
local-data: "dns.dnsoverhttps.net. 120 IN A 192.168.0.1"
local-data: "dns.dns-over-https.com. 120 IN A 192.168.0.1"
local-data: "adblock-dot.dnswarden.com. 120 IN A 192.168.0.1"
local-data: "adult-filter-dot.dnswarden.com. 120 IN A 192.168.0.1"
local-data: "doh.dnswarden.com. 120 IN A 192.168.0.1"
local-data: "ecs-doh.dnswarden.com. 120 IN A 192.168.0.1"
local-data: "uncensored-dot.dnswarden.com. 120 IN A 192.168.0.1"
local-data: "doh.li. 120 IN A 192.168.0.1"
local-data: "doh.ffmuc.net. 120 IN A 192.168.0.1"
local-data: "dot.ffmuc.net. 120 IN A 192.168.0.1"
local-data: "rdns.faelix.net. 120 IN A 192.168.0.1"
local-data: "pdns.faelix.net. 120 IN A 192.168.0.1"
local-data: "dns.flatuslifir.is. 120 IN A 192.168.0.1"
local-data: "dns.google.com. 120 IN A 192.168.0.1"
local-data: "google-public-dns-a.google.com. 120 IN A 192.168.0.1"
local-data: "google-public-dns-b.google.com. 120 IN A 192.168.0.1"
local-data: "query.hdns.io. 120 IN A 192.168.0.1"
local-data: "ordns.he.net. 120 IN A 192.168.0.1"
local-data: "dns.hostux.net. 120 IN A 192.168.0.1"
local-data: "opennic.i2pd.xyz. 120 IN A 192.168.0.1"
local-data: "public.dns.iij.jp. 120 IN A 192.168.0.1"
local-data: "jcdns.fun. 120 IN A 192.168.0.1"
local-data: "us1.dns.lavate.ch. 120 IN A 192.168.0.1"
local-data: "eu1.dns.lavate.ch. 120 IN A 192.168.0.1"
local-data: "resolver-eu.lelux.fi. 120 IN A 192.168.0.1"
local-data: "doh.libredns.org. 120 IN A 192.168.0.1"
local-data: "dot.libredns.gr.com. 120 IN A 192.168.0.1"
local-data: "dot.libredns.gr. 120 IN A 192.168.0.1"
local-data: "doh.libredns.gr. 120 IN A 192.168.0.1"
local-data: "jarjar.meganerd.nl. 120 IN A 192.168.0.1"
local-data: "dns.mrkaran.dev. 120 IN A 192.168.0.1"
local-data: "adblock.mydns.network. 120 IN A 192.168.0.1"
local-data: "dns.neutopia.org. 120 IN A 192.168.0.1"
local-data: "dns.aa.net.uk. 120 IN A 192.168.0.1"
local-data: "doh.netweaver.uk. 120 IN A 192.168.0.1"
local-data: "dns.nextdns.io. 120 IN A 192.168.0.1"
local-data: "dns1.nextdns.io. 120 IN A 192.168.0.1"
local-data: "dns2.nextdns.io. 120 IN A 192.168.0.1"
local-data: "odvr.nic.cz. 120 IN A 192.168.0.1"
local-data: "dns.nixnet.xyz. 120 IN A 192.168.0.1"
local-data: "lv1.nixnet.xyz. 120 IN A 192.168.0.1"
local-data: "ny1.nixnet.xyz. 120 IN A 192.168.0.1"
local-data: "lux1.nixnet.xyz. 120 IN A 192.168.0.1"
local-data: "dns.njal.la. 120 IN A 192.168.0.1"
local-data: "doh.opendns.com. 120 IN A 192.168.0.1"
local-data: "doh.familyshield.opendns.com. 120 IN A 192.168.0.1"
local-data: "doh.sandbox.opendns.com. 120 IN A 192.168.0.1"
local-data: "resolver1.opendns.com. 120 IN A 192.168.0.1"
local-data: "resolver2.opendns.com. 120 IN A 192.168.0.1"
local-data: "resolver1-fs.opendns.com. 120 IN A 192.168.0.1"
local-data: "resolver2-fs.opendns.com. 120 IN A 192.168.0.1"
local-data: "dns.oszx.co. 120 IN A 192.168.0.1"
local-data: "a.passcloud.xyz. 120 IN A 192.168.0.1"
local-data: "i.passcloud.xyz. 120 IN A 192.168.0.1"
local-data: "doh.post-factum.tk. 120 IN A 192.168.0.1"
local-data: "doh.powerdns.org. 120 IN A 192.168.0.1"
local-data: "rpz-public-resolver1.rrdns.pch.net. 120 IN A 192.168.0.1"
local-data: "dns.pumplex.com. 120 IN A 192.168.0.1"
local-data: "dns.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns9.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns10.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns11.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns12.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns13.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns-nosec.quad9.net. 120 IN A 192.168.0.1"
local-data: "dns.rubyfish.cn. 120 IN A 192.168.0.1"
local-data: "ea-dns.rubyfish.cn. 120 IN A 192.168.0.1"
local-data: "uw-dns.rubyfish.cn. 120 IN A 192.168.0.1"
local-data: "rumpelsepp.org. 120 IN A 192.168.0.1"
local-data: "dns1.ryan-palmer.com. 120 IN A 192.168.0.1"
local-data: "doh.securedns.eu. 120 IN A 192.168.0.1"
local-data: "ads-doh.securedns.eu. 120 IN A 192.168.0.1"
local-data: "dot.securedns.eu. 120 IN A 192.168.0.1"
local-data: "doh.seby.io. 120 IN A 192.168.0.1"
local-data: "doh-2.seby.io. 120 IN A 192.168.0.1"
local-data: "dot.seby.io. 120 IN A 192.168.0.1"
local-data: "2.dnscrypt-cert.dns.seby.io. 120 IN A 192.168.0.1"
local-data: "dnsovertls.sinodun.com. 120 IN A 192.168.0.1"
local-data: "dnsovertls1.sinodun.com. 120 IN A 192.168.0.1"
local-data: "dnsovertls2.sinodun.com. 120 IN A 192.168.0.1"
local-data: "dnsovertls3.sinodun.com. 120 IN A 192.168.0.1"
local-data: "fi.doh.dns.snopyta.org. 120 IN A 192.168.0.1"
local-data: "fi.dot.dns.snopyta.org. 120 IN A 192.168.0.1"
local-data: "dns.switch.ch. 120 IN A 192.168.0.1"
local-data: "ibksturm.synology.me. 120 IN A 192.168.0.1"
local-data: "dns.t53.de. 120 IN A 192.168.0.1"
local-data: "dns.therifleman.name. 120 IN A 192.168.0.1"
local-data: "doh.tiar.app. 120 IN A 192.168.0.1"
local-data: "dot.tiar.app. 120 IN A 192.168.0.1"
local-data: "doh.tiarap.org. 120 IN A 192.168.0.1"
local-data: "jp.tiar.app. 120 IN A 192.168.0.1"
local-data: "jp.tiarap.org. 120 IN A 192.168.0.1"
local-data: "dns.twnic.tw. 120 IN A 192.168.0.1"
local-data: "doh.this.web.id. 120 IN A 192.168.0.1"
local-data: "dns.wugui.zone. 120 IN A 192.168.0.1"
local-data: "dns-asia.wugui.zone. 120 IN A 192.168.0.1"
local-data: "adfree.usableprivacy.net. 120 IN A 192.168.0.1"
local-data: "doh.xfinity.com. 120 IN A 192.168.0.1"
local-data: "doh.gslb2.xfinity.com. 120 IN A 192.168.0.1"
local-data: "fdns1.dismail.de. 120 IN A 192.168.0.1"
local-data: "fdns2.dismail.de. 120 IN A 192.168.0.1"
local-data: "anycast.censurfridns.dk. 120 IN A 192.168.0.1"
local-data: "unicast.censurfridns.dk. 120 IN A 192.168.0.1"
local-data: "anycast.uncensoreddns.org. 120 IN A 192.168.0.1"
local-data: "unicast.uncensoreddns.org. 120 IN A 192.168.0.1"
local-data: "dns.comss.one. 120 IN A 192.168.0.1"
local-data: "dns.east.comss.one. 120 IN A 192.168.0.1"
local-data: "dns-doh.dnsforfamily.com. 120 IN A 192.168.0.1"
local-data: "dns-dot.dnsforfamily.com. 120 IN A 192.168.0.1"
local-data: "dns.cfiec.net. 120 IN A 192.168.0.1"
local-data: "asia.dnscepat.id. 120 IN A 192.168.0.1"
local-data: "eropa.dnscepat.id. 120 IN A 192.168.0.1"
local-data: "doh.360.cn. 120 IN A 192.168.0.1"
local-data: "dot.360.cn. 120 IN A 192.168.0.1"
local-data: "doh.pub. 120 IN A 192.168.0.1"
local-data: "dns.pub. 120 IN A 192.168.0.1"
local-data: "dot.pub. 120 IN A 192.168.0.1"
local-data: "kaitain.restena.lu. 120 IN A 192.168.0.1"
local-data: "getdnsapi.net. 120 IN A 192.168.0.1"
local-data: "dns.larsdebruin.net. 120 IN A 192.168.0.1"
local-data: "dns-tls.bitwiseshift.net. 120 IN A 192.168.0.1"
local-data: "ns1.dnsprivacy.at. 120 IN A 192.168.0.1"
local-data: "ns2.dnsprivacy.at. 120 IN A 192.168.0.1"
local-data: "dns.bitgeek.in. 120 IN A 192.168.0.1"
local-data: "privacydns.go6lab.si. 120 IN A 192.168.0.1"
local-data: "dnsotls.lab.nic.cl. 120 IN A 192.168.0.1"
local-data: "tls-dns-u.odvr.dns-oarc.net. 120 IN A 192.168.0.1"
local-data: "doh.centraleu.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "dot.centraleu.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.northeu.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "dot.northeu.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.westus.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "dot.westus.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.eastus.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "dot.eastus.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.eastau.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "dot.eastau.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.eastas.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "dot.eastas.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "doh.pi-dns.com. 120 IN A 192.168.0.1"
local-data: "freedns.controld.com. 120 IN A 192.168.0.1"
local-data: "doh.mullvad.net. 120 IN A 192.168.0.1"
local-data: "dns.arapurayil.com. 120 IN A 192.168.0.1"
local-data: "dot.xfinity.com. 120 IN A 192.168.0.1"
local-data: "dot.cox.net. 120 IN A 192.168.0.1"
local-data: "doh.cox.net. 120 IN A 192.168.0.1"
local-data: "dns.sb. 120 IN A 192.168.0.1"
local-data: "8888.google. 120 IN A 192.168.0.1"
local-data: "doh.quickline.ch. 120 IN A 192.168.0.1"
local-data: "doh-02.spectrum.com. 120 IN A 192.168.0.1"
local-data: "doh-01.spectrum.com. 120 IN A 192.168.0.1"
local-data: "mask.icloud.com. 120 IN A 192.168.0.1"
local-data: "mask-h2.icloud.com. 120 IN A 192.168.0.1"
local-data: "dandelionsprout.asuscomm.com. 120 IN A 192.168.0.1"
local-data: "basic.rethinkdns.com. 120 IN A 192.168.0.1"
local-data: "max.rethinkdns.com. 120 IN A 192.168.0.1"
local-data: "dns.levonet.sk. 120 IN A 192.168.0.1"
local-data: "chromium.dns.nextdns.io. 120 IN A 192.168.0.1"
local-data: "dot.quickline.ch. 120 IN A 192.168.0.1"
local-data: "doh.quickline.ch. 120 IN A 192.168.0.1"

zcrayfish (talkcontribssend email) 06:51, 15 February 2024 (UTC)

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=Talk:Using_Unbound_as_an_Ad-blocker&oldid=26400"