On 08/08/17 09:23, wkitt...@gmail.com wrote:
On 08/08/2017 04:06 AM, Matteo Croce wrote:
2017-08-08 4:26 GMT+02:00 <wkitt...@gmail.com>:
On 08/07/2017 06:02 PM, Matteo Croce wrote:
I propose adding an option to allow banning some domains.
add `--ban-hosts' which accepts a file name which contains a list of
domains to block, one per line.
Domains are blocked by simply returning NXDOMAIN.
is the following in dnsmasq.conf broken???
# block these domains with NXDOMAIN
Nope, but it's unpractical when the ban list is huge
# wc -l /etc/banhosts
also, having it in a separate file will allow updating it without
messing with the configuration file
well, you asked for comments so i did... as for separate files, can't it
be done in another file that is included in the main one? i can't
remember if dnsmasq allows one to include additional files or not...
LEDE/Openwrt does exactly that. The startup script conditionally
includes a config file with a list of RFC6761 related domains to never
forward "--conf-file=$RFC6761FILE" - The referenced file contains
"server=/exclude/" type references.
So the functionality is already there, though not quite with perfect
syntax in the sense that 'server=/ /' is repeated each line.
How is the 'ban-hosts' file updated? Does it need a SIGHUP to dnsmasq
(please not another thing hanging off SIGHUP) Does it need a complete
If 'ban-hosts' can be dynamically updated then I can see some value in
it, until then it looks like it's a syntax nicety. Perhaps there's some
other feature we're all missing... is it faster for example?
Dnsmasq-discuss mailing list