Talk:Using Unbound as an Ad-blocker: Difference between revisions
m (Added a suggestion that includes a massive codeblock. Not sure how to work it in the article.) |
(Done.) |
||
Line 1: | Line 1: | ||
==Mention of modern browsers' attempts to bypass DNS blocking of ad servers== | ==Mention of modern browsers' attempts to bypass DNS blocking of ad servers== | ||
The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like: | The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like: |
Latest revision as of 03:47, 16 February 2024
Mention of modern browsers' attempts to bypass DNS blocking of ad servers
The article could also use an entire section explaining how modern browsers, especially Chrome, attempt to use DNS over HTTPS to bypass the system configured DNS server under the guise of privacy (but lets face it, Google has financial incentive to prevent people from blocking ad.doubleclick.com)... An unbound configuration that prevents bootstrapping of popular DoH servers could help. Something like:
server: #These three domains require special handling local-zone: "resolver.arpa" redirect local-zone: "doh.dns.apple.com" redirect local-zone: "use-application-dns.net" always_nxdomain local-zone: "cloudflare-dns.com" static local-zone: "dns-tunnel-check.googlezip.net" always_refuse #All other domains, lie and provide our own IP local-data: "doh.dns.apple.com.v.aaplimg.com. 120 IN A 192.168.0.1" local-data: "doh.42l.fr. 120 IN A 192.168.0.1" local-data: "i.233py.com. 120 IN A 192.168.0.1" local-data: "i.233py.com.a.bdydns.com. 120 IN A 192.168.0.1" local-data: "opencdn.jomodns.com. 120 IN A 192.168.0.1" local-data: "dns.233py.com. 120 IN A 192.168.0.1" local-data: "dns.233py.com.cdn.cloudflare.net. 120 IN A 192.168.0.1" local-data: "edns.233py.com. 120 IN A 192.168.0.1" local-data: "ndns.233py.com. 120 IN A 192.168.0.1" local-data: "sdns.233py.com. 120 IN A 192.168.0.1" local-data: "wdns.233py.com. 120 IN A 192.168.0.1" local-data: "dns-gcp.aaflalo.me. 120 IN A 192.168.0.1" local-data: "dns-nyc.aaflalo.me. 120 IN A 192.168.0.1" local-data: "dns.aaflalo.me. 120 IN A 192.168.0.1" local-data: "doh.abmb.win. 120 IN A 192.168.0.1" local-data: "doh2.abmb.win. 120 IN A 192.168.0.1" local-data: "dns.adguard.com. 120 IN A 192.168.0.1" local-data: "dns-family.adguard.com. 120 IN A 192.168.0.1" local-data: "dns-unfiltered.adguard.com. 120 IN A 192.168.0.1" local-data: "dns.adguard-dns.com. 120 IN A 192.168.0.1" local-data: "family.adguard-dns.com. 120 IN A 192.168.0.1" local-data: "unfiltered.adguard-dns.com. 120 IN A 192.168.0.1" local-data: "doh.nl.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.in.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.la.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.ny.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.pl.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.it.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.es.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.no.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.chi.ahadns.net. 120 IN A 192.168.0.1" local-data: "doh.au.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.nl.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.in.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.la.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.ny.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.pl.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.it.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.es.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.no.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.chi.ahadns.net. 120 IN A 192.168.0.1" local-data: "dot.au.ahadns.net. 120 IN A 192.168.0.1" local-data: "dnses.alekberg.net. 120 IN A 192.168.0.1" local-data: "dnsnl.alekberg.net. 120 IN A 192.168.0.1" local-data: "dnsse.alekberg.net. 120 IN A 192.168.0.1" local-data: "dns.alidns.com. 120 IN A 192.168.0.1" local-data: "doh.appliedprivacy.net. 120 IN A 192.168.0.1" local-data: "doh.applied-privacy.net. 120 IN A 192.168.0.1" local-data: "dot1.applied-privacy.net. 120 IN A 192.168.0.1" local-data: "doh.armadillodns.net. 120 IN A 192.168.0.1" local-data: "dohtrial.att.net. 120 IN A 192.168.0.1" local-data: "doh1.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh1.b-cdn.net. 120 IN A 192.168.0.1" local-data: "doh2.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh2.b-cdn.net. 120 IN A 192.168.0.1" local-data: "dot-ch.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-ch.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-fi.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-fi.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-de.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-de.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-jp.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-jp.blahdns.com. 120 IN A 192.168.0.1" local-data: "dot-sg.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh-sg.blahdns.com. 120 IN A 192.168.0.1" local-data: "doh.blockerdns.com. 120 IN A 192.168.0.1" local-data: "doh.bortzmeyer.fr. 120 IN A 192.168.0.1" local-data: "dns.brahma.world. 120 IN A 192.168.0.1" local-data: "bravedns.com. 120 IN A 192.168.0.1" local-data: "doh.captnemo.in. 120 IN A 192.168.0.1" local-data: "ibuki.cgnat.net. 120 IN A 192.168.0.1" local-data: "canadianshield.cira.ca. 120 IN A 192.168.0.1" local-data: "dns.cloudflare.com. 120 IN A 192.168.0.1" local-data: "one.one.one.one. 120 IN A 192.168.0.1" local-data: "cloudflare-gateway.com. 120 IN A 192.168.0.1" local-data: "doh.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "security-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "adult-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "family-filter-dns.cleanbrowsing.org. 120 IN A 192.168.0.1" local-data: "dns.cmrg.net. 120 IN A 192.168.0.1" local-data: "commons.host. 120 IN A 192.168.0.1" local-data: "dns.containerpi.com. 120 IN A 192.168.0.1" local-data: "dohdot.coxlab.net. 120 IN A 192.168.0.1" local-data: "doh.crypto.sx. 120 IN A 192.168.0.1" local-data: "jit.ddns.net. 120 IN A 192.168.0.1" local-data: "dns.decloudus.com. 120 IN A 192.168.0.1" local-data: "doh.defaultroutes.de. 120 IN A 192.168.0.1" local-data: "dns.developer.li. 120 IN A 192.168.0.1" local-data: "dns2.developer.li. 120 IN A 192.168.0.1" local-data: "dns.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" local-data: "dns1.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" local-data: "dns2.digitale-gesellschaft.ch. 120 IN A 192.168.0.1" local-data: "doh.disconnect.app. 120 IN A 192.168.0.1" local-data: "ns1.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1" local-data: "ns2.recursive.dnsbycomodo.com. 120 IN A 192.168.0.1" local-data: "dnsforge.de. 120 IN A 192.168.0.1" local-data: "dns.google. 120 IN A 192.168.0.1" local-data: "dns.dnshome.de. 120 IN A 192.168.0.1" local-data: "dns1.dnscrypt.ca. 120 IN A 192.168.0.1" local-data: "dns2.dnscrypt.ca. 120 IN A 192.168.0.1" local-data: "doh.dnslify.com. 120 IN A 192.168.0.1" local-data: "a.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "b.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "a.safe.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "b.safe.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "a.family.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "b.family.ns.dnslify.com. 120 IN A 192.168.0.1" local-data: "dns.dnsoverhttps.net. 120 IN A 192.168.0.1" local-data: "dns.dns-over-https.com. 120 IN A 192.168.0.1" local-data: "adblock-dot.dnswarden.com. 120 IN A 192.168.0.1" local-data: "adult-filter-dot.dnswarden.com. 120 IN A 192.168.0.1" local-data: "doh.dnswarden.com. 120 IN A 192.168.0.1" local-data: "ecs-doh.dnswarden.com. 120 IN A 192.168.0.1" local-data: "uncensored-dot.dnswarden.com. 120 IN A 192.168.0.1" local-data: "doh.li. 120 IN A 192.168.0.1" local-data: "doh.ffmuc.net. 120 IN A 192.168.0.1" local-data: "dot.ffmuc.net. 120 IN A 192.168.0.1" local-data: "rdns.faelix.net. 120 IN A 192.168.0.1" local-data: "pdns.faelix.net. 120 IN A 192.168.0.1" local-data: "dns.flatuslifir.is. 120 IN A 192.168.0.1" local-data: "dns.google.com. 120 IN A 192.168.0.1" local-data: "google-public-dns-a.google.com. 120 IN A 192.168.0.1" local-data: "google-public-dns-b.google.com. 120 IN A 192.168.0.1" local-data: "query.hdns.io. 120 IN A 192.168.0.1" local-data: "ordns.he.net. 120 IN A 192.168.0.1" local-data: "dns.hostux.net. 120 IN A 192.168.0.1" local-data: "opennic.i2pd.xyz. 120 IN A 192.168.0.1" local-data: "public.dns.iij.jp. 120 IN A 192.168.0.1" local-data: "jcdns.fun. 120 IN A 192.168.0.1" local-data: "us1.dns.lavate.ch. 120 IN A 192.168.0.1" local-data: "eu1.dns.lavate.ch. 120 IN A 192.168.0.1" local-data: "resolver-eu.lelux.fi. 120 IN A 192.168.0.1" local-data: "doh.libredns.org. 120 IN A 192.168.0.1" local-data: "dot.libredns.gr.com. 120 IN A 192.168.0.1" local-data: "dot.libredns.gr. 120 IN A 192.168.0.1" local-data: "doh.libredns.gr. 120 IN A 192.168.0.1" local-data: "jarjar.meganerd.nl. 120 IN A 192.168.0.1" local-data: "dns.mrkaran.dev. 120 IN A 192.168.0.1" local-data: "adblock.mydns.network. 120 IN A 192.168.0.1" local-data: "dns.neutopia.org. 120 IN A 192.168.0.1" local-data: "dns.aa.net.uk. 120 IN A 192.168.0.1" local-data: "doh.netweaver.uk. 120 IN A 192.168.0.1" local-data: "dns.nextdns.io. 120 IN A 192.168.0.1" local-data: "dns1.nextdns.io. 120 IN A 192.168.0.1" local-data: "dns2.nextdns.io. 120 IN A 192.168.0.1" local-data: "odvr.nic.cz. 120 IN A 192.168.0.1" local-data: "dns.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "lv1.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "ny1.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "lux1.nixnet.xyz. 120 IN A 192.168.0.1" local-data: "dns.njal.la. 120 IN A 192.168.0.1" local-data: "doh.opendns.com. 120 IN A 192.168.0.1" local-data: "doh.familyshield.opendns.com. 120 IN A 192.168.0.1" local-data: "doh.sandbox.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver1.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver2.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver1-fs.opendns.com. 120 IN A 192.168.0.1" local-data: "resolver2-fs.opendns.com. 120 IN A 192.168.0.1" local-data: "dns.oszx.co. 120 IN A 192.168.0.1" local-data: "a.passcloud.xyz. 120 IN A 192.168.0.1" local-data: "i.passcloud.xyz. 120 IN A 192.168.0.1" local-data: "doh.post-factum.tk. 120 IN A 192.168.0.1" local-data: "doh.powerdns.org. 120 IN A 192.168.0.1" local-data: "rpz-public-resolver1.rrdns.pch.net. 120 IN A 192.168.0.1" local-data: "dns.pumplex.com. 120 IN A 192.168.0.1" local-data: "dns.quad9.net. 120 IN A 192.168.0.1" local-data: "dns9.quad9.net. 120 IN A 192.168.0.1" local-data: "dns10.quad9.net. 120 IN A 192.168.0.1" local-data: "dns11.quad9.net. 120 IN A 192.168.0.1" local-data: "dns12.quad9.net. 120 IN A 192.168.0.1" local-data: "dns13.quad9.net. 120 IN A 192.168.0.1" local-data: "dns-nosec.quad9.net. 120 IN A 192.168.0.1" local-data: "dns.rubyfish.cn. 120 IN A 192.168.0.1" local-data: "ea-dns.rubyfish.cn. 120 IN A 192.168.0.1" local-data: "uw-dns.rubyfish.cn. 120 IN A 192.168.0.1" local-data: "rumpelsepp.org. 120 IN A 192.168.0.1" local-data: "dns1.ryan-palmer.com. 120 IN A 192.168.0.1" local-data: "doh.securedns.eu. 120 IN A 192.168.0.1" local-data: "ads-doh.securedns.eu. 120 IN A 192.168.0.1" local-data: "dot.securedns.eu. 120 IN A 192.168.0.1" local-data: "doh.seby.io. 120 IN A 192.168.0.1" local-data: "doh-2.seby.io. 120 IN A 192.168.0.1" local-data: "dot.seby.io. 120 IN A 192.168.0.1" local-data: "2.dnscrypt-cert.dns.seby.io. 120 IN A 192.168.0.1" local-data: "dnsovertls.sinodun.com. 120 IN A 192.168.0.1" local-data: "dnsovertls1.sinodun.com. 120 IN A 192.168.0.1" local-data: "dnsovertls2.sinodun.com. 120 IN A 192.168.0.1" local-data: "dnsovertls3.sinodun.com. 120 IN A 192.168.0.1" local-data: "fi.doh.dns.snopyta.org. 120 IN A 192.168.0.1" local-data: "fi.dot.dns.snopyta.org. 120 IN A 192.168.0.1" local-data: "dns.switch.ch. 120 IN A 192.168.0.1" local-data: "ibksturm.synology.me. 120 IN A 192.168.0.1" local-data: "dns.t53.de. 120 IN A 192.168.0.1" local-data: "dns.therifleman.name. 120 IN A 192.168.0.1" local-data: "doh.tiar.app. 120 IN A 192.168.0.1" local-data: "dot.tiar.app. 120 IN A 192.168.0.1" local-data: "doh.tiarap.org. 120 IN A 192.168.0.1" local-data: "jp.tiar.app. 120 IN A 192.168.0.1" local-data: "jp.tiarap.org. 120 IN A 192.168.0.1" local-data: "dns.twnic.tw. 120 IN A 192.168.0.1" local-data: "doh.this.web.id. 120 IN A 192.168.0.1" local-data: "dns.wugui.zone. 120 IN A 192.168.0.1" local-data: "dns-asia.wugui.zone. 120 IN A 192.168.0.1" local-data: "adfree.usableprivacy.net. 120 IN A 192.168.0.1" local-data: "doh.xfinity.com. 120 IN A 192.168.0.1" local-data: "doh.gslb2.xfinity.com. 120 IN A 192.168.0.1" local-data: "fdns1.dismail.de. 120 IN A 192.168.0.1" local-data: "fdns2.dismail.de. 120 IN A 192.168.0.1" local-data: "anycast.censurfridns.dk. 120 IN A 192.168.0.1" local-data: "unicast.censurfridns.dk. 120 IN A 192.168.0.1" local-data: "anycast.uncensoreddns.org. 120 IN A 192.168.0.1" local-data: "unicast.uncensoreddns.org. 120 IN A 192.168.0.1" local-data: "dns.comss.one. 120 IN A 192.168.0.1" local-data: "dns.east.comss.one. 120 IN A 192.168.0.1" local-data: "dns-doh.dnsforfamily.com. 120 IN A 192.168.0.1" local-data: "dns-dot.dnsforfamily.com. 120 IN A 192.168.0.1" local-data: "dns.cfiec.net. 120 IN A 192.168.0.1" local-data: "asia.dnscepat.id. 120 IN A 192.168.0.1" local-data: "eropa.dnscepat.id. 120 IN A 192.168.0.1" local-data: "doh.360.cn. 120 IN A 192.168.0.1" local-data: "dot.360.cn. 120 IN A 192.168.0.1" local-data: "doh.pub. 120 IN A 192.168.0.1" local-data: "dns.pub. 120 IN A 192.168.0.1" local-data: "dot.pub. 120 IN A 192.168.0.1" local-data: "kaitain.restena.lu. 120 IN A 192.168.0.1" local-data: "getdnsapi.net. 120 IN A 192.168.0.1" local-data: "dns.larsdebruin.net. 120 IN A 192.168.0.1" local-data: "dns-tls.bitwiseshift.net. 120 IN A 192.168.0.1" local-data: "ns1.dnsprivacy.at. 120 IN A 192.168.0.1" local-data: "ns2.dnsprivacy.at. 120 IN A 192.168.0.1" local-data: "dns.bitgeek.in. 120 IN A 192.168.0.1" local-data: "privacydns.go6lab.si. 120 IN A 192.168.0.1" local-data: "dnsotls.lab.nic.cl. 120 IN A 192.168.0.1" local-data: "tls-dns-u.odvr.dns-oarc.net. 120 IN A 192.168.0.1" local-data: "doh.centraleu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.centraleu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.northeu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.northeu.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.westus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.westus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.eastus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.eastus.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.eastau.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.eastau.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.eastas.pi-dns.com. 120 IN A 192.168.0.1" local-data: "dot.eastas.pi-dns.com. 120 IN A 192.168.0.1" local-data: "doh.pi-dns.com. 120 IN A 192.168.0.1" local-data: "freedns.controld.com. 120 IN A 192.168.0.1" local-data: "doh.mullvad.net. 120 IN A 192.168.0.1" local-data: "dns.arapurayil.com. 120 IN A 192.168.0.1" local-data: "dot.xfinity.com. 120 IN A 192.168.0.1" local-data: "dot.cox.net. 120 IN A 192.168.0.1" local-data: "doh.cox.net. 120 IN A 192.168.0.1" local-data: "dns.sb. 120 IN A 192.168.0.1" local-data: "8888.google. 120 IN A 192.168.0.1" local-data: "doh.quickline.ch. 120 IN A 192.168.0.1" local-data: "doh-02.spectrum.com. 120 IN A 192.168.0.1" local-data: "doh-01.spectrum.com. 120 IN A 192.168.0.1" local-data: "mask.icloud.com. 120 IN A 192.168.0.1" local-data: "mask-h2.icloud.com. 120 IN A 192.168.0.1" local-data: "dandelionsprout.asuscomm.com. 120 IN A 192.168.0.1" local-data: "basic.rethinkdns.com. 120 IN A 192.168.0.1" local-data: "max.rethinkdns.com. 120 IN A 192.168.0.1" local-data: "dns.levonet.sk. 120 IN A 192.168.0.1" local-data: "chromium.dns.nextdns.io. 120 IN A 192.168.0.1" local-data: "dot.quickline.ch. 120 IN A 192.168.0.1" local-data: "doh.quickline.ch. 120 IN A 192.168.0.1"
–zcrayfish (talk•contribs•send email) 06:51, 15 February 2024 (UTC)