I run dnsmasq so there is one easy fix for all the computers at my home no mater the Operating System.
See bogus-nxdomain items belowvi /etc/dnsmasq.conf # Block a big list of domains conf-dir=/etc/dnsmasq.d #conf-file=/etc/dnsmasq.d/blockdomains.conf #Send most DNS lookups to opendns.com #opendns.com Standard #server=208.67.222.222 #server=208.67.220.220 #http://blog.opendns.com/2010/06/23/introducing-familyshield-parental-controls/ #opendns.com FamilyShield’s IPs are: server=208.67.222.123 server=208.67.220.123 # some ISP services only resolve internally so send all bresnan.net lookups to 69.146.17.2 server=/bresnan.net/69.146.17.2 # Send this to google public DNS. server=/googleusercontent.com/8.8.8.8 # Block some DNS results that we do not want bogus-nxdomain=64.94.110.11 #unregistered search.bresnan.net 216.24.138.161 bogus-nxdomain=216.24.138.161 #unregistered opendns.com site 208.69.32.132 bogus-nxdomain=208.69.32.132 #blocked opendns.com site 67.215.65.130 2010-10-22 bogus-nxdomain=67.215.65.130
# get the list of domains to block, and save to temp file wget -O /tmp/blockdomains http://pgl.yoyo.org/as/serverlist.php?hostformat=dnsmasq&showintro=0&mimetype=plaintext # clean it up because above sends extra html junk grep address= /tmp/blockdomains > /etc/dnsmasq.d/blockdomains.conf # remove temp file rm /tmp/blockdomains #Check results or edit / add / delete items vi /etc/dnsmasq.d/blockdomains.conf # Restart and test /etc/init.d/dnsmasq restart
Links:
http://blog.opendns.com/2010/06/23/introducing-familyshield-parental-controls/
http://www.debian-administration.org/articles/535
http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
http://pgl.yoyo.org/as/
http://www.opendns.com/
http://benworks.wordpress.com/2008/07/21/rogers-does-it-againhijacking-failed-dns-lookups/
No comments:
Post a Comment