It’s really easy to create a DNS server that filters out malicious ads and links. The most popular option is to turn to Pi-Hole, but you will see for yourself that it is far from necessary. This tool requires some maintenance effort and increases the chances of being compromised by having a web environment open to the outside world.
With just a server, VPS or Raspberry Pi, and 10 commands we will have our own DNS filter running with fantastic performance.
Shall we start?
1 Download Maza Ad Blocking.
curl -o maza https://raw.githubusercontent.com/tanrax/maza-ad-blocking/master/maza
2 Grants Maza enforcement permissions.
chmod +x maza
3 Move Maza to the /usr/local/bin folder.
sudo mv maza /usr/local/bin
4 Starts Maza
sudo maza start
5 Open the file to configure the Cron tasks.
crontab -e
And add the following line so that the list of addresses to block is updated daily.
@daily maza update
6 Update your package manager.
Example with Debian/Ubuntu.
sudo apt update
7 Install a DNS server.
sudo apt install dnsmasq
8 Open the DNS server configuration.
sudo nano /etc/dnsmasq.conf
And add the following content at the end.
no-resolv
bind-interfaces
listen-address=0.0.0.0
cache-size=1000
conf-file=/home/your-user/.config/maza/dnsmasq.conf
server=1.1.1.1
server=1.0.0.1
server=8.8.8.8
server=8.8.4.4
server=208.67.220.220
Change user to the name of the user where you started Maza.
In the example I use Cloudflare’s DNS. Feel free to change them to the ones you like.
9 Raise the DNS server.
sudo systemctl start dnsmasq
10 Configure to raise the DNS server at startup.
sudo systemctl enable dnsmasq
And that’s it!
Last notes
If you are behind a firewall, you will not need to open port 53 on both TCP and UDP.
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
And, of course, don’t forget to tell your operating system to use the IP of the server, or VPS, to resolve the DNS.
If you want more information I recommend you to check my Maza Ad blocking repository.
{{ comments.length }} comentarios