Talk:Using Unbound as an Ad-blocker: Difference between revisions
(Created page with "==Proposal to remove entire background section== I think that the background section adds NOTHING to this article. The article is about unbound, but the entire background section seems to refer to pi-hole... It's funny because the article title doesn't mention pi-hole at all. Unbound is a perfectly functional way to add advertising blocking without any of the pi-hole nonsense. I propose that the background section either be completely removed, or at least stripped of r...") |
(Done.) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
== | ==Mention of modern browsers' attempts to bypass DNS blocking of ad servers== | ||
The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like: | |||
<div class="toccolours mw-collapsible mw-collapsed"><div class="mw-collapsible-content"><pre> | |||
server: | |||
–[[User:zcrayfish|zcrayfish]] <small>([[User talk:zcrayfish|talk]]•[[Special:Contributions/zcrayfish|contribs]]•[[Special:EmailUser/zcrayfish|send email]])</small> 06: | #These three domains require special handling | ||
local-zone: "resolver.arpa" redirect | |||
local-zone: "doh.dns.apple.com" redirect | |||
local-zone: "use-application-dns.net" always_nxdomain | |||
local-zone: "cloudflare-dns.com" static | |||
local-zone: "dns-tunnel-check.googlezip.net" always_refuse | |||
#All other domains, lie and provide our own IP | |||
local-data: "doh.dns.apple.com.v.aaplimg.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.42l.fr. 120 IN A 192.168.0.1" | |||
local-data: "i.233py.com. 120 IN A 192.168.0.1" | |||
local-data: "i.233py.com.a.bdydns.com. 120 IN A 192.168.0.1" | |||
local-data: "opencdn.jomodns.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.233py.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.233py.com.cdn.cloudflare.net. 120 IN A 192.168.0.1" | |||
local-data: "edns.233py.com. 120 IN A 192.168.0.1" | |||
local-data: "ndns.233py.com. 120 IN A 192.168.0.1" | |||
local-data: "sdns.233py.com. 120 IN A 192.168.0.1" | |||
local-data: "wdns.233py.com. 120 IN A 192.168.0.1" | |||
local-data: "dns-gcp.aaflalo.me. 120 IN A 192.168.0.1" | |||
local-data: "dns-nyc.aaflalo.me. 120 IN A 192.168.0.1" | |||
local-data: "dns.aaflalo.me. 120 IN A 192.168.0.1" | |||
local-data: "doh.abmb.win. 120 IN A 192.168.0.1" | |||
local-data: "doh2.abmb.win. 120 IN A 192.168.0.1" | |||
local-data: "dns.adguard.com. 120 IN A 192.168.0.1" | |||
local-data: "dns-family.adguard.com. 120 IN A 192.168.0.1" | |||
local-data: "dns-unfiltered.adguard.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.adguard-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "family.adguard-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "unfiltered.adguard-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.nl.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.in.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.la.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.ny.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.pl.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.it.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.es.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.no.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.chi.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.au.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.nl.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.in.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.la.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.ny.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.pl.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.it.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.es.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.no.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.chi.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.au.ahadns.net. 120 IN A 192.168.0.1" | |||
local-data: "dnses.alekberg.net. 120 IN A 192.168.0.1" | |||
local-data: "dnsnl.alekberg.net. 120 IN A 192.168.0.1" | |||
local-data: "dnsse.alekberg.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.alidns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.appliedprivacy.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.applied-privacy.net. 120 IN A 192.168.0.1" | |||
local-data: "dot1.applied-privacy.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.armadillodns.net. 120 IN A 192.168.0.1" | |||
local-data: "dohtrial.att.net. 120 IN A 192.168.0.1" | |||
local-data: "doh1.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh1.b-cdn.net. 120 IN A 192.168.0.1" | |||
local-data: "doh2.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh2.b-cdn.net. 120 IN A 192.168.0.1" | |||
local-data: "dot-ch.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh-ch.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot-fi.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh-fi.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot-de.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh-de.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot-jp.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh-jp.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot-sg.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh-sg.blahdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.blockerdns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.bortzmeyer.fr. 120 IN A 192.168.0.1" | |||
local-data: "dns.brahma.world. 120 IN A 192.168.0.1" | |||
local-data: "bravedns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.captnemo.in. 120 IN A 192.168.0.1" | |||
local-data: "ibuki.cgnat.net. 120 IN A 192.168.0.1" | |||
local-data: "canadianshield.cira.ca. 120 IN A 192.168.0.1" | |||
local-data: "dns.cloudflare.com. 120 IN A 192.168.0.1" | |||
local-data: "one.one.one.one. 120 IN A 192.168.0.1" | |||
local-data: "cloudflare-gateway.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.cleanbrowsing.org. 120 IN A 192.168.0.1" | |||
local-data: "security-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" | |||
local-data: "adult-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" | |||
local-data: "family-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" | |||
local-data: "dns.cmrg.net. 120 IN A 192.168.0.1" | |||
local-data: "commons.host. 120 IN A 192.168.0.1" | |||
local-data: "dns.containerpi.com. 120 IN A 192.168.0.1" | |||
local-data: "dohdot.coxlab.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.crypto.sx. 120 IN A 192.168.0.1" | |||
local-data: "jit.ddns.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.decloudus.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.defaultroutes.de. 120 IN A 192.168.0.1" | |||
local-data: "dns.developer.li. 120 IN A 192.168.0.1" | |||
local-data: "dns2.developer.li. 120 IN A 192.168.0.1" | |||
local-data: "dns.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" | |||
local-data: "dns1.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" | |||
local-data: "dns2.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" | |||
local-data: "doh.disconnect.app. 120 IN A 192.168.0.1" | |||
local-data: "ns1.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1" | |||
local-data: "ns2.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1" | |||
local-data: "dnsforge.de. 120 IN A 192.168.0.1" | |||
local-data: "dns.google. 120 IN A 192.168.0.1" | |||
local-data: "dns.dnshome.de. 120 IN A 192.168.0.1" | |||
local-data: "dns1.dnscrypt.ca. 120 IN A 192.168.0.1" | |||
local-data: "dns2.dnscrypt.ca. 120 IN A 192.168.0.1" | |||
local-data: "doh.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "a.ns.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "b.ns.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "a.safe.ns.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "b.safe.ns.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "a.family.ns.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "b.family.ns.dnslify.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.dnsoverhttps.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.dns-over-https.com. 120 IN A 192.168.0.1" | |||
local-data: "adblock-dot.dnswarden.com. 120 IN A 192.168.0.1" | |||
local-data: "adult-filter-dot.dnswarden.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.dnswarden.com. 120 IN A 192.168.0.1" | |||
local-data: "ecs-doh.dnswarden.com. 120 IN A 192.168.0.1" | |||
local-data: "uncensored-dot.dnswarden.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.li. 120 IN A 192.168.0.1" | |||
local-data: "doh.ffmuc.net. 120 IN A 192.168.0.1" | |||
local-data: "dot.ffmuc.net. 120 IN A 192.168.0.1" | |||
local-data: "rdns.faelix.net. 120 IN A 192.168.0.1" | |||
local-data: "pdns.faelix.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.flatuslifir.is. 120 IN A 192.168.0.1" | |||
local-data: "dns.google.com. 120 IN A 192.168.0.1" | |||
local-data: "google-public-dns-a.google.com. 120 IN A 192.168.0.1" | |||
local-data: "google-public-dns-b.google.com. 120 IN A 192.168.0.1" | |||
local-data: "query.hdns.io. 120 IN A 192.168.0.1" | |||
local-data: "ordns.he.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.hostux.net. 120 IN A 192.168.0.1" | |||
local-data: "opennic.i2pd.xyz. 120 IN A 192.168.0.1" | |||
local-data: "public.dns.iij.jp. 120 IN A 192.168.0.1" | |||
local-data: "jcdns.fun. 120 IN A 192.168.0.1" | |||
local-data: "us1.dns.lavate.ch. 120 IN A 192.168.0.1" | |||
local-data: "eu1.dns.lavate.ch. 120 IN A 192.168.0.1" | |||
local-data: "resolver-eu.lelux.fi. 120 IN A 192.168.0.1" | |||
local-data: "doh.libredns.org. 120 IN A 192.168.0.1" | |||
local-data: "dot.libredns.gr.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.libredns.gr. 120 IN A 192.168.0.1" | |||
local-data: "doh.libredns.gr. 120 IN A 192.168.0.1" | |||
local-data: "jarjar.meganerd.nl. 120 IN A 192.168.0.1" | |||
local-data: "dns.mrkaran.dev. 120 IN A 192.168.0.1" | |||
local-data: "adblock.mydns.network. 120 IN A 192.168.0.1" | |||
local-data: "dns.neutopia.org. 120 IN A 192.168.0.1" | |||
local-data: "dns.aa.net.uk. 120 IN A 192.168.0.1" | |||
local-data: "doh.netweaver.uk. 120 IN A 192.168.0.1" | |||
local-data: "dns.nextdns.io. 120 IN A 192.168.0.1" | |||
local-data: "dns1.nextdns.io. 120 IN A 192.168.0.1" | |||
local-data: "dns2.nextdns.io. 120 IN A 192.168.0.1" | |||
local-data: "odvr.nic.cz. 120 IN A 192.168.0.1" | |||
local-data: "dns.nixnet.xyz. 120 IN A 192.168.0.1" | |||
local-data: "lv1.nixnet.xyz. 120 IN A 192.168.0.1" | |||
local-data: "ny1.nixnet.xyz. 120 IN A 192.168.0.1" | |||
local-data: "lux1.nixnet.xyz. 120 IN A 192.168.0.1" | |||
local-data: "dns.njal.la. 120 IN A 192.168.0.1" | |||
local-data: "doh.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.familyshield.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.sandbox.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "resolver1.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "resolver2.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "resolver1-fs.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "resolver2-fs.opendns.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.oszx.co. 120 IN A 192.168.0.1" | |||
local-data: "a.passcloud.xyz. 120 IN A 192.168.0.1" | |||
local-data: "i.passcloud.xyz. 120 IN A 192.168.0.1" | |||
local-data: "doh.post-factum.tk. 120 IN A 192.168.0.1" | |||
local-data: "doh.powerdns.org. 120 IN A 192.168.0.1" | |||
local-data: "rpz-public-resolver1.rrdns.pch.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.pumplex.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns9.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns10.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns11.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns12.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns13.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns-nosec.quad9.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.rubyfish.cn. 120 IN A 192.168.0.1" | |||
local-data: "ea-dns.rubyfish.cn. 120 IN A 192.168.0.1" | |||
local-data: "uw-dns.rubyfish.cn. 120 IN A 192.168.0.1" | |||
local-data: "rumpelsepp.org. 120 IN A 192.168.0.1" | |||
local-data: "dns1.ryan-palmer.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.securedns.eu. 120 IN A 192.168.0.1" | |||
local-data: "ads-doh.securedns.eu. 120 IN A 192.168.0.1" | |||
local-data: "dot.securedns.eu. 120 IN A 192.168.0.1" | |||
local-data: "doh.seby.io. 120 IN A 192.168.0.1" | |||
local-data: "doh-2.seby.io. 120 IN A 192.168.0.1" | |||
local-data: "dot.seby.io. 120 IN A 192.168.0.1" | |||
local-data: "2.dnscrypt-cert.dns.seby.io. 120 IN A 192.168.0.1" | |||
local-data: "dnsovertls.sinodun.com. 120 IN A 192.168.0.1" | |||
local-data: "dnsovertls1.sinodun.com. 120 IN A 192.168.0.1" | |||
local-data: "dnsovertls2.sinodun.com. 120 IN A 192.168.0.1" | |||
local-data: "dnsovertls3.sinodun.com. 120 IN A 192.168.0.1" | |||
local-data: "fi.doh.dns.snopyta.org. 120 IN A 192.168.0.1" | |||
local-data: "fi.dot.dns.snopyta.org. 120 IN A 192.168.0.1" | |||
local-data: "dns.switch.ch. 120 IN A 192.168.0.1" | |||
local-data: "ibksturm.synology.me. 120 IN A 192.168.0.1" | |||
local-data: "dns.t53.de. 120 IN A 192.168.0.1" | |||
local-data: "dns.therifleman.name. 120 IN A 192.168.0.1" | |||
local-data: "doh.tiar.app. 120 IN A 192.168.0.1" | |||
local-data: "dot.tiar.app. 120 IN A 192.168.0.1" | |||
local-data: "doh.tiarap.org. 120 IN A 192.168.0.1" | |||
local-data: "jp.tiar.app. 120 IN A 192.168.0.1" | |||
local-data: "jp.tiarap.org. 120 IN A 192.168.0.1" | |||
local-data: "dns.twnic.tw. 120 IN A 192.168.0.1" | |||
local-data: "doh.this.web.id. 120 IN A 192.168.0.1" | |||
local-data: "dns.wugui.zone. 120 IN A 192.168.0.1" | |||
local-data: "dns-asia.wugui.zone. 120 IN A 192.168.0.1" | |||
local-data: "adfree.usableprivacy.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.xfinity.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.gslb2.xfinity.com. 120 IN A 192.168.0.1" | |||
local-data: "fdns1.dismail.de. 120 IN A 192.168.0.1" | |||
local-data: "fdns2.dismail.de. 120 IN A 192.168.0.1" | |||
local-data: "anycast.censurfridns.dk. 120 IN A 192.168.0.1" | |||
local-data: "unicast.censurfridns.dk. 120 IN A 192.168.0.1" | |||
local-data: "anycast.uncensoreddns.org. 120 IN A 192.168.0.1" | |||
local-data: "unicast.uncensoreddns.org. 120 IN A 192.168.0.1" | |||
local-data: "dns.comss.one. 120 IN A 192.168.0.1" | |||
local-data: "dns.east.comss.one. 120 IN A 192.168.0.1" | |||
local-data: "dns-doh.dnsforfamily.com. 120 IN A 192.168.0.1" | |||
local-data: "dns-dot.dnsforfamily.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.cfiec.net. 120 IN A 192.168.0.1" | |||
local-data: "asia.dnscepat.id. 120 IN A 192.168.0.1" | |||
local-data: "eropa.dnscepat.id. 120 IN A 192.168.0.1" | |||
local-data: "doh.360.cn. 120 IN A 192.168.0.1" | |||
local-data: "dot.360.cn. 120 IN A 192.168.0.1" | |||
local-data: "doh.pub. 120 IN A 192.168.0.1" | |||
local-data: "dns.pub. 120 IN A 192.168.0.1" | |||
local-data: "dot.pub. 120 IN A 192.168.0.1" | |||
local-data: "kaitain.restena.lu. 120 IN A 192.168.0.1" | |||
local-data: "getdnsapi.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.larsdebruin.net. 120 IN A 192.168.0.1" | |||
local-data: "dns-tls.bitwiseshift.net. 120 IN A 192.168.0.1" | |||
local-data: "ns1.dnsprivacy.at. 120 IN A 192.168.0.1" | |||
local-data: "ns2.dnsprivacy.at. 120 IN A 192.168.0.1" | |||
local-data: "dns.bitgeek.in. 120 IN A 192.168.0.1" | |||
local-data: "privacydns.go6lab.si. 120 IN A 192.168.0.1" | |||
local-data: "dnsotls.lab.nic.cl. 120 IN A 192.168.0.1" | |||
local-data: "tls-dns-u.odvr.dns-oarc.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.centraleu.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.centraleu.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.northeu.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.northeu.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.westus.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.westus.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.eastus.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.eastus.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.eastau.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.eastau.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.eastas.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.eastas.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.pi-dns.com. 120 IN A 192.168.0.1" | |||
local-data: "freedns.controld.com. 120 IN A 192.168.0.1" | |||
local-data: "doh.mullvad.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.arapurayil.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.xfinity.com. 120 IN A 192.168.0.1" | |||
local-data: "dot.cox.net. 120 IN A 192.168.0.1" | |||
local-data: "doh.cox.net. 120 IN A 192.168.0.1" | |||
local-data: "dns.sb. 120 IN A 192.168.0.1" | |||
local-data: "8888.google. 120 IN A 192.168.0.1" | |||
local-data: "doh.quickline.ch. 120 IN A 192.168.0.1" | |||
local-data: "doh-02.spectrum.com. 120 IN A 192.168.0.1" | |||
local-data: "doh-01.spectrum.com. 120 IN A 192.168.0.1" | |||
local-data: "mask.icloud.com. 120 IN A 192.168.0.1" | |||
local-data: "mask-h2.icloud.com. 120 IN A 192.168.0.1" | |||
local-data: "dandelionsprout.asuscomm.com. 120 IN A 192.168.0.1" | |||
local-data: "basic.rethinkdns.com. 120 IN A 192.168.0.1" | |||
local-data: "max.rethinkdns.com. 120 IN A 192.168.0.1" | |||
local-data: "dns.levonet.sk. 120 IN A 192.168.0.1" | |||
local-data: "chromium.dns.nextdns.io. 120 IN A 192.168.0.1" | |||
local-data: "dot.quickline.ch. 120 IN A 192.168.0.1" | |||
local-data: "doh.quickline.ch. 120 IN A 192.168.0.1" | |||
</pre></div></div> | |||
–[[User:zcrayfish|zcrayfish]] <small>([[User talk:zcrayfish|talk]]•[[Special:Contributions/zcrayfish|contribs]]•[[Special:EmailUser/zcrayfish|send email]])</small> 06:51, 15 February 2024 (UTC) | |||
Latest revision as of 03:47, 16 February 2024
Mention of modern browsers' attempts to bypass DNS blocking of ad servers
The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like:
server: #These three domains require special handling local-zone: "resolver.arpa" redirect local-zone: "doh.dns.apple.com" redirect local-zone: "use-application-dns.net" always_nxdomain local-zone: "cloudflare-dns.com" static local-zone: "dns-tunnel-check.googlezip.net" always_refuse #All other domains, lie and provide our own IP local-data: "doh.dns.apple.com.v.aaplimg.com. 120 IN A 192.168.0.1" local-data: "doh.42l.fr. 120 IN A 192.168.0.1" local-data: "i.233py.com. 120 IN A 192.168.0.1" local-data: "i.233py.com.a.bdydns.com. 120 IN A 192.168.0.1" local-data: "opencdn.jomodns.com. 120 IN A 192.168.0.1" local-data: "dns.233py.com. 120 IN A 192.168.0.1" local-data: "dns.233py.com.cdn.cloudflare.net. 120 IN A 192.168.0.1" local-data: "edns.233py.com. 120 IN A 192.168.0.1" local-data: "ndns.233py.com. 120 IN A 192.168.0.1" local-data: "sdns.233py.com. 120 IN A 192.168.0.1" local-data: "wdns.233py.com. 120 IN A 192.168.0.1" local-data: "dns-gcp.aaflalo.me. 120 IN A 192.168.0.1" local-data: "dns-nyc.aaflalo.me. 120 IN A 192.168.0.1" local-data: "dns.aaflalo.me. 120 IN A 192.168.0.1" local-data: "doh.abmb.win. 120 IN A 192.168.0.1" local-data: "doh2.abmb.win. 120 IN A 192.168.0.1" local-data: "dns.adguard.com. 120 IN A 192.168.0.1" local-data: "dns-family.adguard.com. 120 IN A 192.168.0.1" local-data: "dns-unfiltered.adguard.com. 120 IN A 192.168.0.1" local-data: "dns.adguard-dns.com. 120 IN A 192.168.0.1" local-data: "family.adguard-dns.com. 120 IN A 192.168.0.1" local-data: "unfiltered.adguard-dns.com. 120 IN A 192.168.0.1" local-data: "doh.nl.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.in.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.la.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.ny.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.pl.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.it.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.es.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.no.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.chi.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.au.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.nl.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.in.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.la.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.ny.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.pl.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.it.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.es.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.no.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.chi.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.au.ahadns.net. 120 IN A 192.168.0.1" local-data: "dnses.alekberg.net. 120 IN A 192.168.0.1" local-data: "dnsnl.alekberg.net. 120 IN A 192.168.0.1" local-data: "dnsse.alekberg.net. 120 IN A 192.168.0.1" local-data: "dns.alidns.com. 120 IN A 192.168.0.1" local-data: "doh.appliedprivacy.net. 120 IN A 192.168.0.1" local-data: "doh.applied-privacy.net. 120 IN A 192.168.0.1" local-data: "dot1.applied-privacy.net. 120 IN A 192.168.0.1" local-data: "doh.armadillodns.net. 120 IN A 192.168.0.1" local-data: "dohtrial.att.net. 120 IN A 192.168.0.1" local-data: "doh1.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh1.b-cdn.net. 120 IN A 192.168.0.1" local-data: "doh2.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh2.b-cdn.net. 120 IN A 192.168.0.1" local-data: "dot-ch.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-ch.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-fi.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-fi.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-de.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-de.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-jp.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-jp.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-sg.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-sg.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh.blockerdns.com. 120 IN A 192.168.0.1" local-data: "doh.bortzmeyer.fr. 120 IN A 192.168.0.1" local-data: "dns.brahma.world. 120 IN A 192.168.0.1" local-data: "bravedns.com. 120 IN A 192.168.0.1" local-data: "doh.captnemo.in. 120 IN A 192.168.0.1" local-data: "ibuki.cgnat.net. 120 IN A 192.168.0.1" local-data: "canadianshield.cira.ca. 120 IN A 192.168.0.1" local-data: "dns.cloudflare.com. 120 IN A 192.168.0.1" local-data: "one.one.one.one. 120 IN A 192.168.0.1" local-data: "cloudflare-gateway.com. 120 IN A 192.168.0.1" local-data: "doh.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "security-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "adult-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "family-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "dns.cmrg.net. 120 IN A 192.168.0.1" local-data: "commons.host. 120 IN A 192.168.0.1" local-data: "dns.containerpi.com. 120 IN A 192.168.0.1" local-data: "dohdot.coxlab.net. 120 IN A 192.168.0.1" local-data: "doh.crypto.sx. 120 IN A 192.168.0.1" local-data: "jit.ddns.net. 120 IN A 192.168.0.1" local-data: "dns.decloudus.com. 120 IN A 192.168.0.1" local-data: "doh.defaultroutes.de. 120 IN A 192.168.0.1" local-data: "dns.developer.li. 120 IN A 192.168.0.1" local-data: "dns2.developer.li. 120 IN A 192.168.0.1" local-data: "dns.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" local-data: "dns1.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" local-data: "dns2.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" local-data: "doh.disconnect.app. 120 IN A 192.168.0.1" local-data: "ns1.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1" local-data: "ns2.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1" local-data: "dnsforge.de. 120 IN A 192.168.0.1" local-data: "dns.google. 120 IN A 192.168.0.1" local-data: "dns.dnshome.de. 120 IN A 192.168.0.1" local-data: "dns1.dnscrypt.ca. 120 IN A 192.168.0.1" local-data: "dns2.dnscrypt.ca. 120 IN A 192.168.0.1" local-data: "doh.dnslify.com. 120 IN A 192.168.0.1" local-data: "a.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "b.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "a.safe.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "b.safe.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "a.family.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "b.family.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "dns.dnsoverhttps.net. 120 IN A 192.168.0.1" local-data: "dns.dns-over-https.com. 120 IN A 192.168.0.1" local-data: "adblock-dot.dnswarden.com. 120 IN A 192.168.0.1" local-data: "adult-filter-dot.dnswarden.com. 120 IN A 192.168.0.1" local-data: "doh.dnswarden.com. 120 IN A 192.168.0.1" local-data: "ecs-doh.dnswarden.com. 120 IN A 192.168.0.1" local-data: "uncensored-dot.dnswarden.com. 120 IN A 192.168.0.1" local-data: "doh.li. 120 IN A 192.168.0.1" local-data: "doh.ffmuc.net. 120 IN A 192.168.0.1" local-data: "dot.ffmuc.net. 120 IN A 192.168.0.1" local-data: "rdns.faelix.net. 120 IN A 192.168.0.1" local-data: "pdns.faelix.net. 120 IN A 192.168.0.1" local-data: "dns.flatuslifir.is. 120 IN A 192.168.0.1" local-data: "dns.google.com. 120 IN A 192.168.0.1" local-data: "google-public-dns-a.google.com. 120 IN A 192.168.0.1" local-data: "google-public-dns-b.google.com. 120 IN A 192.168.0.1" local-data: "query.hdns.io. 120 IN A 192.168.0.1" local-data: "ordns.he.net. 120 IN A 192.168.0.1" local-data: "dns.hostux.net. 120 IN A 192.168.0.1" local-data: "opennic.i2pd.xyz. 120 IN A 192.168.0.1" local-data: "public.dns.iij.jp. 120 IN A 192.168.0.1" local-data: "jcdns.fun. 120 IN A 192.168.0.1" local-data: "us1.dns.lavate.ch. 120 IN A 192.168.0.1" local-data: "eu1.dns.lavate.ch. 120 IN A 192.168.0.1" local-data: "resolver-eu.lelux.fi. 120 IN A 192.168.0.1" local-data: "doh.libredns.org. 120 IN A 192.168.0.1" local-data: "dot.libredns.gr.com. 120 IN A 192.168.0.1" local-data: "dot.libredns.gr. 120 IN A 192.168.0.1" local-data: "doh.libredns.gr. 120 IN A 192.168.0.1" local-data: "jarjar.meganerd.nl. 120 IN A 192.168.0.1" local-data: "dns.mrkaran.dev. 120 IN A 192.168.0.1" local-data: "adblock.mydns.network. 120 IN A 192.168.0.1" local-data: "dns.neutopia.org. 120 IN A 192.168.0.1" local-data: "dns.aa.net.uk. 120 IN A 192.168.0.1" local-data: "doh.netweaver.uk. 120 IN A 192.168.0.1" local-data: "dns.nextdns.io. 120 IN A 192.168.0.1" local-data: "dns1.nextdns.io. 120 IN A 192.168.0.1" local-data: "dns2.nextdns.io. 120 IN A 192.168.0.1" local-data: "odvr.nic.cz. 120 IN A 192.168.0.1" local-data: "dns.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "lv1.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "ny1.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "lux1.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "dns.njal.la. 120 IN A 192.168.0.1" local-data: "doh.opendns.com. 120 IN A 192.168.0.1" local-data: "doh.familyshield.opendns.com. 120 IN A 192.168.0.1" local-data: "doh.sandbox.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver1.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver2.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver1-fs.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver2-fs.opendns.com. 120 IN A 192.168.0.1" local-data: "dns.oszx.co. 120 IN A 192.168.0.1" local-data: "a.passcloud.xyz. 120 IN A 192.168.0.1" local-data: "i.passcloud.xyz. 120 IN A 192.168.0.1" local-data: "doh.post-factum.tk. 120 IN A 192.168.0.1" local-data: "doh.powerdns.org. 120 IN A 192.168.0.1" local-data: "rpz-public-resolver1.rrdns.pch.net. 120 IN A 192.168.0.1" local-data: "dns.pumplex.com. 120 IN A 192.168.0.1" local-data: "dns.quad9.net. 120 IN A 192.168.0.1" local-data: "dns9.quad9.net. 120 IN A 192.168.0.1" local-data: "dns10.quad9.net. 120 IN A 192.168.0.1" local-data: "dns11.quad9.net. 120 IN A 192.168.0.1" local-data: "dns12.quad9.net. 120 IN A 192.168.0.1" local-data: "dns13.quad9.net. 120 IN A 192.168.0.1" local-data: "dns-nosec.quad9.net. 120 IN A 192.168.0.1" local-data: "dns.rubyfish.cn. 120 IN A 192.168.0.1" local-data: "ea-dns.rubyfish.cn. 120 IN A 192.168.0.1" local-data: "uw-dns.rubyfish.cn. 120 IN A 192.168.0.1" local-data: "rumpelsepp.org. 120 IN A 192.168.0.1" local-data: "dns1.ryan-palmer.com. 120 IN A 192.168.0.1" local-data: "doh.securedns.eu. 120 IN A 192.168.0.1" local-data: "ads-doh.securedns.eu. 120 IN A 192.168.0.1" local-data: "dot.securedns.eu. 120 IN A 192.168.0.1" local-data: "doh.seby.io. 120 IN A 192.168.0.1" local-data: "doh-2.seby.io. 120 IN A 192.168.0.1" local-data: "dot.seby.io. 120 IN A 192.168.0.1" local-data: "2.dnscrypt-cert.dns.seby.io. 120 IN A 192.168.0.1" local-data: "dnsovertls.sinodun.com. 120 IN A 192.168.0.1" local-data: "dnsovertls1.sinodun.com. 120 IN A 192.168.0.1" local-data: "dnsovertls2.sinodun.com. 120 IN A 192.168.0.1" local-data: "dnsovertls3.sinodun.com. 120 IN A 192.168.0.1" local-data: "fi.doh.dns.snopyta.org. 120 IN A 192.168.0.1" local-data: "fi.dot.dns.snopyta.org. 120 IN A 192.168.0.1" local-data: "dns.switch.ch. 120 IN A 192.168.0.1" local-data: "ibksturm.synology.me. 120 IN A 192.168.0.1" local-data: "dns.t53.de. 120 IN A 192.168.0.1" local-data: "dns.therifleman.name. 120 IN A 192.168.0.1" local-data: "doh.tiar.app. 120 IN A 192.168.0.1" local-data: "dot.tiar.app. 120 IN A 192.168.0.1" local-data: "doh.tiarap.org. 120 IN A 192.168.0.1" local-data: "jp.tiar.app. 120 IN A 192.168.0.1" local-data: "jp.tiarap.org. 120 IN A 192.168.0.1" local-data: "dns.twnic.tw. 120 IN A 192.168.0.1" local-data: "doh.this.web.id. 120 IN A 192.168.0.1" local-data: "dns.wugui.zone. 120 IN A 192.168.0.1" local-data: "dns-asia.wugui.zone. 120 IN A 192.168.0.1" local-data: "adfree.usableprivacy.net. 120 IN A 192.168.0.1" local-data: "doh.xfinity.com. 120 IN A 192.168.0.1" local-data: "doh.gslb2.xfinity.com. 120 IN A 192.168.0.1" local-data: "fdns1.dismail.de. 120 IN A 192.168.0.1" local-data: "fdns2.dismail.de. 120 IN A 192.168.0.1" local-data: "anycast.censurfridns.dk. 120 IN A 192.168.0.1" local-data: "unicast.censurfridns.dk. 120 IN A 192.168.0.1" local-data: "anycast.uncensoreddns.org. 120 IN A 192.168.0.1" local-data: "unicast.uncensoreddns.org. 120 IN A 192.168.0.1" local-data: "dns.comss.one. 120 IN A 192.168.0.1" local-data: "dns.east.comss.one. 120 IN A 192.168.0.1" local-data: "dns-doh.dnsforfamily.com. 120 IN A 192.168.0.1" local-data: "dns-dot.dnsforfamily.com. 120 IN A 192.168.0.1" local-data: "dns.cfiec.net. 120 IN A 192.168.0.1" local-data: "asia.dnscepat.id. 120 IN A 192.168.0.1" local-data: "eropa.dnscepat.id. 120 IN A 192.168.0.1" local-data: "doh.360.cn. 120 IN A 192.168.0.1" local-data: "dot.360.cn. 120 IN A 192.168.0.1" local-data: "doh.pub. 120 IN A 192.168.0.1" local-data: "dns.pub. 120 IN A 192.168.0.1" local-data: "dot.pub. 120 IN A 192.168.0.1" local-data: "kaitain.restena.lu. 120 IN A 192.168.0.1" local-data: "getdnsapi.net. 120 IN A 192.168.0.1" local-data: "dns.larsdebruin.net. 120 IN A 192.168.0.1" local-data: "dns-tls.bitwiseshift.net. 120 IN A 192.168.0.1" local-data: "ns1.dnsprivacy.at. 120 IN A 192.168.0.1" local-data: "ns2.dnsprivacy.at. 120 IN A 192.168.0.1" local-data: "dns.bitgeek.in. 120 IN A 192.168.0.1" local-data: "privacydns.go6lab.si. 120 IN A 192.168.0.1" local-data: "dnsotls.lab.nic.cl. 120 IN A 192.168.0.1" local-data: "tls-dns-u.odvr.dns-oarc.net. 120 IN A 192.168.0.1" local-data: "doh.centraleu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.centraleu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.northeu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.northeu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.westus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.westus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.eastus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.eastus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.eastau.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.eastau.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.eastas.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.eastas.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.pi-dns.com. 120 IN A 192.168.0.1" local-data: "freedns.controld.com. 120 IN A 192.168.0.1" local-data: "doh.mullvad.net. 120 IN A 192.168.0.1" local-data: "dns.arapurayil.com. 120 IN A 192.168.0.1" local-data: "dot.xfinity.com. 120 IN A 192.168.0.1" local-data: "dot.cox.net. 120 IN A 192.168.0.1" local-data: "doh.cox.net. 120 IN A 192.168.0.1" local-data: "dns.sb. 120 IN A 192.168.0.1" local-data: "8888.google. 120 IN A 192.168.0.1" local-data: "doh.quickline.ch. 120 IN A 192.168.0.1" local-data: "doh-02.spectrum.com. 120 IN A 192.168.0.1" local-data: "doh-01.spectrum.com. 120 IN A 192.168.0.1" local-data: "mask.icloud.com. 120 IN A 192.168.0.1" local-data: "mask-h2.icloud.com. 120 IN A 192.168.0.1" local-data: "dandelionsprout.asuscomm.com. 120 IN A 192.168.0.1" local-data: "basic.rethinkdns.com. 120 IN A 192.168.0.1" local-data: "max.rethinkdns.com. 120 IN A 192.168.0.1" local-data: "dns.levonet.sk. 120 IN A 192.168.0.1" local-data: "chromium.dns.nextdns.io. 120 IN A 192.168.0.1" local-data: "dot.quickline.ch. 120 IN A 192.168.0.1" local-data: "doh.quickline.ch. 120 IN A 192.168.0.1"
–zcrayfish (talk•contribs•send email) 06:51, 15 February 2024 (UTC)