From 8627262bf1ec5320cf8f37bdfc42692df520a5f4 Mon Sep 17 00:00:00 2001 From: Stuart Shapiro Date: Thu, 20 Jun 2019 16:19:04 -0400 Subject: [PATCH] Add wildcard blocking --- roles/dns/tasks/dns_adblocking.yml | 5 +++++ roles/dns/templates/adblock.sh.j2 | 8 ++++++++ roles/dns/templates/wildcard.list.j2 | 13 +++++++++++++ 3 files changed, 26 insertions(+) create mode 100644 roles/dns/templates/wildcard.list.j2 diff --git a/roles/dns/tasks/dns_adblocking.yml b/roles/dns/tasks/dns_adblocking.yml index 5ef90249..7494c6e5 100644 --- a/roles/dns/tasks/dns_adblocking.yml +++ b/roles/dns/tasks/dns_adblocking.yml @@ -15,6 +15,11 @@ job: /usr/local/sbin/adblock.sh user: root +- name: dnscrypt-proxy wildcard-blacklist configured + template: + src: wildcard.list.j2 + dest: "{{ config_prefix|default('/') }}etc/dnscrypt-proxy/wildcard.list" + - name: Update adblock hosts command: /usr/local/sbin/adblock.sh changed_when: false diff --git a/roles/dns/templates/adblock.sh.j2 b/roles/dns/templates/adblock.sh.j2 index cc74f982..57679025 100644 --- a/roles/dns/templates/adblock.sh.j2 +++ b/roles/dns/templates/adblock.sh.j2 @@ -5,6 +5,7 @@ TEMP="$(mktemp)" TEMP_SORTED="$(mktemp)" WHITELIST="/etc/dnscrypt-proxy/white.list" BLACKLIST="/etc/dnscrypt-proxy/black.list" +WILDCARDS="{{ config_prefix|default('/') }}etc/dnscrypt-proxy/wildcard.list" BLOCKHOSTS="{{ config_prefix|default('/') }}etc/dnscrypt-proxy/blacklist.txt" BLOCKLIST_URLS="{% for url in adblock_lists %}{{ url }} {% endfor %}" @@ -17,6 +18,13 @@ for url in $BLOCKLIST_URLS; do wget --timeout=2 --tries=3 -qO- "$url" | grep -Ev "(localhost)" | grep -Ew "(0.0.0.0|127.0.0.1)" | awk '{sub(/\r$/,"");print $2}' >> "$TEMP" done +#Add wildcards, if non empty +if [ -s "$WILDCARDS" ] +then + echo 'Adding wildcards...' + cat $WILDCARDS >> "$TEMP" +fi + #Add black list, if non-empty if [ -s "$BLACKLIST" ] then diff --git a/roles/dns/templates/wildcard.list.j2 b/roles/dns/templates/wildcard.list.j2 new file mode 100644 index 00000000..cc84bcd7 
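Review bot: The new `template` task for `wildcard.list` sets no `owner`, `group` or `mode`, so the permissions of the rendered file depend on the umask in effect when it is first created. The cron entry in the context lines runs `/usr/local/sbin/adblock.sh` as root, and the adblock.sh.j2 change in this same patch appends this file to the block list, so it should be writable by root only. Adding `owner: root`, `group: root` and `mode: "0644"` under `template:` pins that. Whether the neighbouring tasks in this file set these fields is not visible in the hunk.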
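Review bot: In the second adblock.sh.j2 hunk, `cat $WILDCARDS >> "$TEMP"` expands the path unquoted, although the `[ -s "$WILDCARDS" ]` test above it and the other expansions in the hunk are quoted. The value is built from the `config_prefix` template variable, so a prefix containing whitespace or glob characters would be word-split here; use `cat "$WILDCARDS" >> "$TEMP"`. The downloaded lists are reduced to the second field of `0.0.0.0`/`127.0.0.1` lines before they reach `$TEMP`, whereas the wildcard file is appended verbatim, so a comment such as `# wildcard.list is local, trusted input: one pattern per line, appended unfiltered` would record that assumption. The rest of the script, including how `$WHITELIST` is applied to `$TEMP`, lies outside the hunk.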
--- /dev/null
+++ b/roles/dns/templates/wildcard.list.j2
@@ -0,0 +1,13 @@
+ad.*
+ads.*
+ad[0-9]*
+ads[0-9]*
+adserver.*
+adserver[0-9].*
+banner.*
+banners.*
+beacon.*
+stats.*
+tag.*
+telemetry.*
+tracker.*
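Review bot: Several of these patterns key on a generic first label (`stats.*`, `tag.*`, `beacon.*`, `banner.*`) and will also block hosts that are not ad or tracking endpoints, and the list is a static template with no variable for an operator to trim or extend it. `ad[0-9]*` and `ads[0-9]*` lack the dot that `adserver[0-9].*` has, so, assuming dnscrypt-proxy's glob-style matching, they match any name that begins with `ad` or `ads` plus a digit, not just a whole first label. If only whole labels are intended, that should be stated or the patterns aligned with the `adserver[0-9].*` form. Consider rendering the entries from a list in the role's defaults so a deployment can override them. How the whitelist in adblock.sh interacts with wildcard entries is not visible in this patch and is worth confirming.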