DNS AdBlocker plugin for CoreDNS.
First get the CoreDNS source code by running, after you cloned this repository into the proper path in your GOPATH
go get github.com/coredns/coredns
Then navigate to the coredns directory
cd $(go env GOPATH)/src/github.com/coredns/coredns
Next update the plugin.cfg
in the root of the coredns repository as follows
sed -i 's|loadbalance:loadbalance|ads:github.com/c-mueller/ads\nloadbalance:loadbalance|g' plugin.cfg
while I would suggest having the ads
plugin before the cache
plugin because it will
cause the changes in the blocklists to be applied instantly. However the overall performance of
the DNS server could degrade when having many regex rules. In that case I recommend putting the
plugin before the hosts
plugin:
sed -i 's|hosts:hosts|ads:github.com/c-mueller/ads\nhosts:hosts|g' plugin.cfg
Finally run make
to build CoreDNS with the ads
plugin
The releases section also contains binaries of the latest CoreDNS with the ads plugin. These get built automatically using drone. Once they have been triggered.
Running the ads
plugin with all defaults is done by just adding the ads
keyword to your Corefile.
For example:
.:53 {
ads
forward . 1.1.1.1
log
errors
}
You can see a more complex ads
configuration in the following Corefile
.:53 {
ads {
list http://url-to-my-blocklists.com/list1.txt
list http://url-to-my-blocklists.com/list2.txt
default-lists
blacklist google.com
whitelist googleadservices.com
target 10.133.7.8
target-ipv6 ::1
}
# Other directives have been omitted
}
list <LIST URL>
HTTP(S)-URL to a hostlist to Blockdefault-lists
Readds the default hostlists to the internal list of blocklists.- This command is needed if you want to add custom blocklists and you want to also use the default ones
target <IPv4 IP>
defines the target ip to which blocked domains should resolve to if a A record is requestedtarget-ipv6 <IPv6 IP>
defines the target IPv6 address to which blocked domains should resolve to if a AAAA record is requesteddisable-auto-update
Turns off the automatic update of the blocklists every 24h (can be changed)log
Print a message every time a request gets blockedauto-update-interval <INTERVAL>
Allows the modification of the interval between blocklist updates- This operation uses Golangs
time.ParseDuration()
function in order to parse the duration. Please ensure the specified duration can be parsed by this operation. Please refer to here. - This gets ignored if the automatic blocklist updates have been disabled
- This operation uses Golangs
blocklist-path <FILEPATH FOR PERSISTED BLOCKLIST>
This option enables persisting of the blocklist to prevent a automatic redownload everytime CoreDNS restarts. The lists get persisted everytime a update get performed.- If autoupdates have been turned off the list will be reloaded every time the application launches. Making this option pretty useless for this kind of configuration.
whitelist <QNAME>
andblacklist <QNAME>
Allows the explicit whitelisting or blacklisting of specific qnames. If a qname is on the whitelist it will not be blocked.whitelist-regex <REGEX>
andblacklist-regex <REGEX>
identical to the regular whitelist and blacklist options. But instead of blocking a specific qname blocking is done for a regular expression. Yo might want to define exceptions to a regex blacklist entry. This can be done by using eitehr thewhitelist
orwhitelist-regex
options.