L2 Cache

Behold the power of |!

User Tools

Site Tools


Sidebar

projects:solaris:adblock

Table of Contents

Adblock

Packages are no longer provided, source remains available here:
https://github.com/sjorge/omnios-build-blackdot

Adblock is set of services written for Solaris. It consists of adserv1), updater and dnsmasq. However the later will conflict with the regular dnsmasq2).

Together they form a malware, spyware and adblocking solution for your entire network! updater will download blacklists of domain names for well know ad, spy and malware. It will then generate a custom dnsmasq configuration that will make those domains point to the host running Adblock. adserv will then pick up the requests to images, javascript files,… for those domains and replace them with a transparent pixel. It will also output a simple html page that will close itself if it is opened in a new windows (Popup).

The result is a near ad-free experience when surfing the web. For other requests like zip's, exe's,… it will return a 404. This will also put a stop to a lot of spyware and malware.

Once everything is setup and working you can simply make your router or main dns server use your adblock host as forwarder.

How it works

updater:
1. download adware.dns, spyware.dns and malware.dns from the internet.
2. merge adware.dns, spyware.dns, malware.dns and custom.dns files into a blacklist, it them subtracts the entries from ignore.dns
3. converts blacklist into a dnsmasq configuration file
4. restart dnsmasq and sleeps for 4 hours, goes back to 1.

dnsmasq:
1. gets DNS query
2. checks in local configuration for IP
3a. returns IP adblock host (domain was found in blacklist)
3b. queries downstream servers configured in adblock-resolv.conf3) (domain was not found in blacklist)

adserv:
1. gets HTTP request
2. returns dummy result: image → 1×1 transparent pixel, html page → popup closer, xml, javascript,… → dummy file.

Installation

The installation is quite simple if you run OmniOS.

Simple add the omnios.blackdot.be repository and install the adblock package.
Edit the adblock-dnsmasq.conf and set listen-address to the correct IP! Optionally also change the upstream DNS servers in adblock-resolv.conf. Then simply enable the services.

USER
# pfexec pkg set-publisher -g http://omnios.blackdot.be -g omnios.blackdot.be # pfexec pkg refresh –full # pfexec pkg install obd/server/misc/adblock # pfexec vi /opt/obd/etc/adblock/adblock-dnsmasq.conf # pfexec vi /opt/obd/etc/adblock/adblock-resolv.conf # pfexec svcadm enable adblock/updater # pfexec svcadm enable adblock/adserv # pfexec svcadm enable adblock/dnsmasq # pfexec svcs -x (to check for errors)

You can test by setting the adblock host as your DNS server for a single host. 4)

1)
Python is used in combination with the bottle module. (Yes I like this module!)
2)
If you know what you are doing (and your host has multiple IP's) they can co-exist with a little bit of effort.
3)
It is important this is not a server that points back to the adblock server!
4)
If the host is Mac OSX, make sure to flush the resolver caches! There are some wierd DNS bugs on Mac OSX.
projects/solaris/adblock.txt · Last modified: 2015/05/23 16:34 by sjorge