Hi Ercolino, On 19.11.24 17:31, Ercolino de Spiacico wrote:
In the context of Adblock, I noticed that our adblock script can handle relatively well about 10MB of blockfile which is about 7.8% of the device RAM (128MB), after that the resolution time increases exponentially to the point where the DNS resolution times-out and more importantly the device becomes unstable. (...) Then, I'm not suggesting we should re-invent the wheel, but perhaps there's a margin for a new directive whose behavior is a simple grep against a mapped file to be used as an authority for those domains? Might be restricted to blocking only (returning NX or 0.0.0.0 or 127.0.0.1)? Not sure what the secondary implications of such an idea would be, but I'll be glad to hear some comments/opinions on this topic.
You may want to take a look at Pi-hole (https://docs.pi-hole.net). It's DNS resolver pihole-FTL is a dnsmasq fork, combining it with a sqlite3 database for blocked domains and a B-tree algorithm for domain matching, also employing some advanced steps like regex matching, or deep CNAME inspection to thwart CNAME cloaking. It also provides a web UI for managing and some statistics, but that is optional. All of dnsmasq's configuration options are still available and fully operational, though you may have to pay attention in places not to conflict with Pi-hole's default options. Pi-hole's developers are active on dnsmasq's mailing lists as well, giving back by committing code improvements to dnsmasq, and Pi-hole team members sometimes offer a piece of advice here as well (including me). I've been running that (including web server, web UI and unbound as upstream, plus wireguard) on a quad core Cortex-A7 SBC with 256MB RAM (115MB used) and about 750,000 blocked domains (weighing about 17M in hosts format) plus a few regex blocks without issues for years, with reply times for blocked domains averaging at ~1 ms and ~4ms for regex matches. Kind regards, Buck _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss