{
"info": {
"author": "Olivier Mauras",
"author_email": "olivier@mauras.ch",
"bugtrack_url": null,
"classifiers": [
"Development Status :: 5 - Production/Stable",
"Intended Audience :: System Administrators",
"License :: OSI Approved :: MIT License",
"Programming Language :: Python :: 2",
"Programming Language :: Python :: 2.7",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.6",
"Topic :: Internet :: Name Service (DNS)"
],
"description": "dns-blackhole\n=============\n\n| Most of code comes from here:\n http://git.mauras.ch/Various/powerdns\\_recursor\\_ads\\_blocking\n| Check it for history.\n\n| This script helps you create a blackhole zone for your DNS server,\n using some well known ads/tracking/malware lists.\n| As long as your DNS server allows to include a file containing one\n domain per line with its config syntax it should work.\n| Right now known to work and tested:\n\n- `Unbound `__\n- `PowerDNS recursor `__\n- `Dnsmasq `__\n\nGenerating an agregated host file is also possible.\n\nFeatures\n--------\n\n- Not bound to a specific DNS server, generates a file format of your\n choice\n- Supports 3 different list format\n\n - Host file\n - `Easylist `__\n - `Disconnect `__\n\n- Lets you whitelist/blacklist domains\n- YAML configuration file\n\nInstallation\n------------\n\nThe script requires ``PyYAML`` and ``requests`` modules.\n\n.. code:: bash\n\n pip install [--upgrade] dns-blackhole\n\nUnbound\n^^^^^^^\n\n| Requires unbound >= ``1.6``, using the default zone file with unbound\n ``1.5`` will certainly make it eat all your ram and swap before\n getting killed.\n| Add ``include: \"/etc/unbound/blackhole.zone\"`` right after your\n ``server:`` block.\n| Use the following ``zone_data`` in your ``dns-blackhole.yml``\n (default):\n\n.. code:: yaml\n\n zone_data: 'local-zone: \"{domain}\" always_nxdomain'\n\n``{domain}`` wil be replaced by the blackholed domains\n\nPowerDNS Recursor\n^^^^^^^^^^^^^^^^^\n\n| Add ``forward-zones-file=/etc/pdns/blackhole.zone`` in your recursor\n configuration.\n| Use the following ``zone_data`` in your ``dns-blackhole.yml``:\n\n.. code:: yaml\n\n zone_data: '{domain}='\n\n``{domain}`` wil be replaced by the blackholed domains\n\nDnsmasq\n^^^^^^^\n\n| Add ``conf-dir=/etc/dnsmasq.d`` in your dnsmasq config and point your\n ``zone_file`` option to ``/etc/dnsmasq.d/blackhole.conf``\n| Use the following ``zone_data`` in your ``dns-blackhole.yml``:\n\n.. code:: yaml\n\n zone_data: 'server=/{domain}/'\n\n``{domain}`` wil be replaced by the blackholed domains\n\nHost file\n^^^^^^^^^\n\nUse the following ``zone_data`` in your ``dns-blackhole.yml``:\n\n.. code:: yaml\n\n zone_data: '127.0.0.1 {domain}'\n\n| Once you're happy with your configuration Just run ``dns-blackhole``.\n| The default lists in ``dns-blackhole.yml`` will generate a zone\n containing ~698000 entries.\n\nConfiguration\n-------------\n\nAs the configuration file is in YAML, you can use YAML anchors\n\n.. code:: yaml\n\n dns-blackhole:\n general:\n cache: /var/cache/dns-blackhole\n log: /var/log/dns-blackhole/dns-blackhole.log\n whitelist: /etc/dns-blackhole/whitelist\n blacklist: /etc/dns-blackhole/blacklist\n blackhole_lists:\n hosts:\n - http://someonewhocares.org/hosts/hosts\n - https://hosts-file.net/download/hosts.txt\n - http://winhelp2002.mvps.org/hosts.txt\n - http://www.malwaredomainlist.com/hostslist/hosts.txt\n - https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts;showintro=0\n easylist: &bh_easy\n - https://easylist.to/easylist/easylist.txt\n - https://raw.githubusercontent.com/paulgb/BarbBlock/master/BarbBlock.txt\n disconnect: &bh_disconnect\n url: https://services.disconnect.me/disconnect-plaintext.json\n categories: # Advertising, Analytics, Disconnect, Social\n - Advertising\n - Analytics\n config:\n zone_file: /etc/unbound/blackhole.zone\n # {domain} will be replaced by the blackholed domain, do not change it here\n zone_data: 'local-zone: \"{domain}\" always_nxdomain'\n blackhole_lists:\n hosts:\n - http://winhelp2002.mvps.org/hosts.txt\n easylist: *bh_easy\n disconnect: *bh_disconnect\n\nIn this example you would keep ``easylist`` and ``disconnect`` lists,\nbut would remove all host file lists except mvps.\n\nFAQ\n---\n\nWhat's the advantage of having the DNS server returning NX instead of 127.0.0.1\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n| Host lists are usually returning ``127.0.0.1`` or ``0.0.0.0``.\n| Depending of the system and/or browser you use, you can end up having\n timeout/slowness issues as it retries to connect several times before\n considering the remote resource down.\n\nHaving your DNS server return NXDOMAIN - Non existant domain - on the\nother side makes your client behave faster as there's nothing to retry\nwhen the domain doesn't exist.\n\nWhy using forward-zones-file option instead of auth-zones in PowerDNS recursor?\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n| Syntax of the ``auth-zones`` is like this:\n ``auth-zones=dom1=,dom2=,dom3=,etc``\n| While this may work for 5000 black holed domains, for almost 700 000\n the speed of generation is so slow that it takes several tens of\n minutes to complete. Even worse, with such a list, pdns-recursor is\n not even able to start and will crash.\n| By using the ``forward-zones-file`` pdns-recursor takes around 5 more\n seconds to process the zone file.\n\nWhich DNS server is the best?\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\nIt's really a matter of preferences and what you have available. Use the\none you're the most comfortable with.\n\nTODO\n----\n\n- Cache is not implemented yet\n- Log is not implemented yet",
"description_content_type": null,
"docs_url": null,
"download_url": "",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://github.com/coredumb/dns-blackhole",
"keywords": "DNS blackhole",
"license": "MIT",
"maintainer": "",
"maintainer_email": "",
"name": "dns-blackhole",
"package_url": "https://pypi.org/project/dns-blackhole/",
"platform": "",
"project_url": "https://pypi.org/project/dns-blackhole/",
"project_urls": {
"Homepage": "https://github.com/coredumb/dns-blackhole"
},
"release_url": "https://pypi.org/project/dns-blackhole/0.12/",
"requires_dist": null,
"requires_python": "",
"summary": "A generic DNS black hole zone generator",
"version": "0.12"
},
"last_serial": 3204728,
"releases": {
"0.12": [
{
"comment_text": "",
"digests": {
"md5": "5666bd24069387aa6bd98da7545af368",
"sha256": "b80b114092261cb2bae451838e4d398a427800af49f8682167e04f83163767ed"
},
"downloads": -1,
"filename": "dns-blackhole-0.12.tar.gz",
"has_sig": false,
"md5_digest": "5666bd24069387aa6bd98da7545af368",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 7696,
"upload_time": "2017-09-26T18:23:19",
"url": "https://files.pythonhosted.org/packages/fb/b5/fa36087c723eeea3fc67b92592d077de847cea6f73e54934c63b03902ba2/dns-blackhole-0.12.tar.gz"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "5666bd24069387aa6bd98da7545af368",
"sha256": "b80b114092261cb2bae451838e4d398a427800af49f8682167e04f83163767ed"
},
"downloads": -1,
"filename": "dns-blackhole-0.12.tar.gz",
"has_sig": false,
"md5_digest": "5666bd24069387aa6bd98da7545af368",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 7696,
"upload_time": "2017-09-26T18:23:19",
"url": "https://files.pythonhosted.org/packages/fb/b5/fa36087c723eeea3fc67b92592d077de847cea6f73e54934c63b03902ba2/dns-blackhole-0.12.tar.gz"
}
]
}