Saturday, January 11, 2020

Adblock with BIND DNS

If you're as annoyed as I am by all the advertisements you see when surfing the web, then this article might be something for you. In this article I will explain how to configure BIND to act as an ad blocker.
As stated already, I'm using BIND as my DNS server, running on Armbian on my Banana Pi R2. I also assume that you already have BIND configured and running.

The first step is to download the following list of known advertisement servers:

# wget "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig&showintro=0&mimetype=plaintext" -O /etc/bind/ad-server-list.conf

The second step is to reconfigure your existing BIND configuration and include the downloaded advertisement list, e.g.:

# vi /etc/bind/named.conf
...
// ZONES
// ad-server list downloaded in step one
include "/etc/bind/ad-server-list.conf";

zone "0.0.127.in-addr.arpa" {
        ...
};

zone "karellen.local" {
        ...
};
...


In step three, check the directory directive in your BIND configuration file:

# grep "directory" /etc/bind/named.conf
        directory "/var/named";


The output of the grep command above shows that /var/named is the directory where BIND looks for other files.
Step four: in exactly this directory, create a new zone file that redirects all advertisement servers to 127.0.0.1:

# vi /var/named/null.zone.file
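$TTL    86400   ; one day
@       IN      SOA     ads.karellen.local.        hostmaster.karellen.local. (
                        2014090101      ; serial
                        28800           ; refresh
                        7200            ; retry
                        864000          ; expire
                        86400 )         ; negative-caching TTL
        NS      bp01.karellen.local.    ; fully qualified, note the trailing dot
@       IN      A       127.0.0.1       ; the blocked domain itself
*       IN      A       127.0.0.1       ; every name below it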


Notes:

  • karellen.local is my domain; change it to your domain
  • bp01.karellen.local is my DNS server; change it to your DNS server

For step five, update the file ownership and reload BIND using rndc:

# chown bind:bind /etc/bind/ad-server-list.conf /var/named/null.zone.file
# rndc reload


As the final step, check that the new configuration works and that lookups for advertisement servers get redirected to 127.0.0.1:

# dig zzhc.vnet.cn
...
zzhc.vnet.cn.           86400   IN      A       127.0.0.1
...


If you want to redirect to another web server, change 127.0.0.1 in the zone file to your web server's IP, e.g. 192.168.178.2:

# dig zzhc.vnet.cn
...
zzhc.vnet.cn.           86400   IN      A       192.168.178.2
...


Enjoy surfing the web advertisement-free!

Links:
https://charlieharvey.org.uk/page/adblocking_with_bind_apache
https://advanxer.com/blog/2015/05/adblocking-using-bind-dns-server/
