Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

On Sat, Dec 31, 2016 at 12:15 AM, TheWerthFam wrote: > Quick report - > So I didn't test pihole per say, but used that method of storing the > blacklist into the hosts file for dnsmasq to use. Dnsmasq must use a > different storage method for its hosts file. I loaded

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

Quick report - So I didn't test pihole per say, but used that method of storing the blacklist into the hosts file for dnsmasq to use. Dnsmasq must use a different storage method for its hosts file. I loaded 850439 entries in the hosts file and restarted dnsmasq. I uses 1/2 as much memory than

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

> I also fiddled a bit with bloom filters, which strike me as appropo. Bloom filters trade accuracy for space -- they're arbitrarily smaller than hash tables, but at the cost of causing more false positives. Since your tests indicate that perfect hash tables are small enough, a Bloom filter

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

On Thu, Dec 29, 2016 at 8:09 AM, TheWerthFam wrote: > Right now I'd rather not customize the code. There are two directions I'm > going to try first. > Give unbound a try to serve DNS, keeping Dnsmasq for DHCP. If that doesn't > work try converting the list to a hosts

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

Right now I'd rather not customize the code. There are two directions I'm going to try first. Give unbound a try to serve DNS, keeping Dnsmasq for DHCP. If that doesn't work try converting the list to a hosts file pointing to a local pixelsrv address. There are some other blog posts that

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

On Tue, Dec 27, 2016 at 11:03 PM, TheWerthFam wrote: > Thanks for the feedback, I'll look into NFQUEUE. I'm forcing the use of my > dns by iptables. I'm also using a transparent squid and e2guardian to > filter content. I like the idea of the dns based blacklist to add

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

Thanks for the feedback, I'll look into NFQUEUE. I'm forcing the use of my dns by iptables. I'm also using a transparent squid and e2guardian to filter content. I like the idea of the dns based blacklist to add some filtering capabilities since I don't want to try and filter https types

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

> On Dec 26, 2016, at 10:32 AM, TheWerthFam wrote: > > Using the adblock set of scripts to block malware and porn sites. The porn > sites list is 800,000 entries, about 10x the number of sites adblock normally > uses. With the full list of malware and porn domains

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

On 27.12.2016 04:54, TheWerthFam wrote: Problem with this method is that it misses lots of HTTPS based sites. I do already run squid though. Am I wrong that it will not proxy https sites unless you use MITM type setup? Thanks On 12/26/2016 08:47 PM, Lucian Cristian wrote: On 26.12.2016

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

Problem with this method is that it misses lots of HTTPS based sites. I do already run squid though. Am I wrong that it will not proxy https sites unless you use MITM type setup? Thanks On 12/26/2016 08:47 PM, Lucian Cristian wrote: On 26.12.2016 19:32, TheWerthFam wrote: Using the adblock

Re: [OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

On 26.12.2016 19:32, TheWerthFam wrote: Using the adblock set of scripts to block malware and porn sites. The porn sites list is 800,000 entries, about 10x the number of sites adblock normally uses. With the full list of malware and porn domains loaded, dnsmasq takes 115M of memory and

[OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file

Using the adblock set of scripts to block malware and porn sites. The porn sites list is 800,000 entries, about 10x the number of sites adblock normally uses. With the full list of malware and porn domains loaded, dnsmasq takes 115M of memory and normally sits around 50% CPU usage with