Dnsmasq example: DNS sinkhole

From wikinotes
Revision as of 20:03, 11 October 2021 by Will

See wikipedia definition. This method can be used to block advertisers.

The general idea is that we'll redirect several hostname DNS requests to
so they never reach their intended target (by using address= substitutions).


Based on pi-hole

log-queries                   # log each DNS query and its answer (sinkholed lookups included)
localise-queries              # hosts-file names with several addresses resolve to the one on the querying interface's subnet
no-resolv                     # only configured nameservers are used (ignores resolv.conf)
cache-size=10000              # keep LRU cache of 10_000 domain-names
local-ttl=2                   # lets requesters cache answers from hosts files/dhcp-leases for 2s
log-async                     # async logging

# domain-name substitution
address=/example.com/         # redirect all requests to example.com to or ::1
address=/example.com/  # same

addn-hosts=/etc/foobar/hosts  # reads an additional hosts file (/etc/hosts format, one 'address hostname' entry per line)
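
With log-queries enabled, the sinkhole's log shows which clients are asking for blocked names. The following is an added example, not part of the original notes or of dnsmasq or pi-hole: it pairs each query line with the answer that follows it and counts answers served from address= rules ("config") or a hosts file. The function name, the set of sinkhole addresses and the sample log are assumptions constructed for illustration, and the pairing is best-effort because plain log-queries output carries no query id.

```python
import re
from collections import Counter, defaultdict, deque

# Assumption: the sinkhole answers with one of these addresses.
SINKHOLE_ADDRS = {"0.0.0.0", "::", "127.0.0.1", "::1"}

QUERY_RE = re.compile(r"dnsmasq\[\d+\]: query\[\w+\] (\S+) from (\S+)$")
# Answers are logged as "<source> <name> is <addr>". <source> is "config" for
# address= rules, a file path for hosts/addn-hosts entries, and "reply" or
# "cached" for upstream data.
ANSWER_RE = re.compile(r"dnsmasq\[\d+\]: (\S+) (\S+) is (\S+)$")

def sinkhole_hits(lines):
    """Return {client: Counter({name: count})} of sinkholed answers."""
    pending = defaultdict(deque)      # name -> clients still awaiting an answer
    hits = defaultdict(Counter)
    for line in lines:
        line = line.rstrip()
        if m := QUERY_RE.search(line):
            pending[m.group(1).lower()].append(m.group(2))
        elif m := ANSWER_RE.search(line):
            source, name, addr = m.group(1), m.group(2).lower(), m.group(3)
            waiting = pending.get(name)
            client = waiting.popleft() if waiting else None
            local = source == "config" or source.startswith("/")
            if client and local and addr in SINKHOLE_ADDRS:
                hits[client][name] += 1
    return hits

# Constructed sample in the plain log-queries format (not captured traffic).
SAMPLE_LOG = """\
Oct 11 20:03:01 dnsmasq[812]: query[A] ads.example.com from 192.168.1.20
Oct 11 20:03:01 dnsmasq[812]: config ads.example.com is 0.0.0.0
Oct 11 20:03:02 dnsmasq[812]: query[A] wiki.example.org from 192.168.1.20
Oct 11 20:03:02 dnsmasq[812]: forwarded wiki.example.org to 192.0.2.53
Oct 11 20:03:02 dnsmasq[812]: reply wiki.example.org is 198.51.100.7
Oct 11 20:03:05 dnsmasq[812]: query[AAAA] ads.example.com from 192.168.1.31
Oct 11 20:03:05 dnsmasq[812]: config ads.example.com is ::
Oct 11 20:03:09 dnsmasq[812]: query[A] tracker.example.net from 192.168.1.20
Oct 11 20:03:09 dnsmasq[812]: /etc/foobar/hosts tracker.example.net is 0.0.0.0
""".splitlines()

if __name__ == "__main__":
    for client, names in sorted(sinkhole_hits(SAMPLE_LOG).items()):
        for name, count in names.most_common():
            print(f"{client}\t{name}\t{count}")
```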

# use open-dns