Skip to content

Trellmor/bind-adblock

Repository files navigation

BIND ad blocker

Fetch various blocklists and generate a BIND zone from them.

Configure BIND to return NXDOMAIN for ad and tracking domains to stop clients from contacting them.

Requires BIND 9.8 or newer for RPZ support.

Uses the following sources:

Setup

Python packages

See requirements.txt

To install

python3 -m venv venv
source venv/bin/activate
pip install --upgrade pip
pip install -r requirements.txt

Configure BIND

Add the response-policy statement to the BIND options

// For AdBlock
response-policy {
	zone "rpz.example.com";
};

Add your rpz zone. Replace example.com with a domain of your choice.

// AdBlock
zone "rpz.example.com" {
	type master;
	file "/etc/bind/db.rpz.example.com";
	masterfile-format text;
	allow-query { none; };
};

Create a zone file for your zone. Replace example.com with the domain you used before.

@ 3600 IN SOA @ admin.example.com. 0 86400 7200 2592000 86400
@ 3600 IN NS ns.example.com.

Usage

usage: update-zonefile.py [-h] [--no-bind] [--raw] [--empty] zonefile origin

Update zone file from public DNS ad blocking lists

positional arguments:
  zonefile    path to zone file
  origin      zone origin

optional arguments:
  -h, --help  show this help message and exit
  --no-bind   Don't try to check/reload bind zone
  --raw       Save the zone file in raw format. Requires named-compilezone
  --empty     Create header-only (empty) rpz zone file
  --views     If using multiple BIND views, list where each zone is defined

Example: update-zonefile.py /etc/bind/db.rpz.example.com rpz.example.com

update-zonefile.py will update the zone file with the fetched adserver lists and issue a rndc reload origin afterwards.

Multiple BIND Views

If you defined the adblock rpz across multiple BIND views, then you will need to pass --views a space separated list of which views the zone is defined.

Doing so will issue 'rndc reload origin IN view' for each view provided for the origin zone.

--views "internal dmz test"

This argument can be omitted if the origin zone only occurs once in your configuration. The following error is an indication you are using the rpz zone multiple views.

zone 'rpz.adblocker' was found in multiple views

Whitelist

You can either use an additional zone to whitelist domains (Or add them to config.yml) See Whitelist for adding a whitelist zone.

About

Use the BIND DNS server to block ads

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published