L2 Cache

Behold the power of |!

User Tools

Site Tools


projects:solaris:adblock

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
projects:solaris:adblock [2013/07/22 20:27]
sjorge
projects:solaris:adblock [2015/05/23 16:34] (current)
sjorge
Line 1: Line 1:
 ====== Adblock ====== ====== Adblock ======
-Adblock is set of services written for Solaris. It consists of ''​adserv''​((Python is used in combination with the [[http://​bottlepy.org|bottle]] module. (Yes I like this module!) )), ''​updater''​ and ''​dnsmasq''​. However the later will conflickt ​with the regular dnsmasq((If you know what you are doing (and your host has multiple IP's) they can co-exist with a little bit of effort.)).+<​note>​Packages are no longer provided, source remains available here:\\ [[https://​github.com/​sjorge/​omnios-build-blackdot]]</​note>​ 
 + 
 +Adblock is set of services written for Solaris. It consists of ''​adserv''​((Python is used in combination with the [[http://​bottlepy.org|bottle]] module. (Yes I like this module!) )), ''​updater''​ and ''​dnsmasq''​. However the later will conflict ​with the regular dnsmasq((If you know what you are doing (and your host has multiple IP's) they can co-exist with a little bit of effort.)).
  
 Together they form a malware, spyware and adblocking solution for your entire network! ''​updater''​ will download blacklists of domain names for well know ad, spy and malware. It will then generate a custom ''​dnsmasq''​ configuration that will make those domains point to the host running Adblock. ''​adserv''​ will then pick up the requests to images, javascript files,... for those domains and replace them with a transparent pixel. It will also output a simple html page that will close itself if it is opened in a new windows (Popup). ​ Together they form a malware, spyware and adblocking solution for your entire network! ''​updater''​ will download blacklists of domain names for well know ad, spy and malware. It will then generate a custom ''​dnsmasq''​ configuration that will make those domains point to the host running Adblock. ''​adserv''​ will then pick up the requests to images, javascript files,... for those domains and replace them with a transparent pixel. It will also output a simple html page that will close itself if it is opened in a new windows (Popup). ​
Line 7: Line 9:
  
 Once everything is setup and working you can simply make your router or main dns server use your adblock host as forwarder. Once everything is setup and working you can simply make your router or main dns server use your adblock host as forwarder.
 +
 +===== How it works =====
 +{{:​projects:​solaris:​adblock-overview.png?​nolink|}}
 +
 +''​updater'':​\\
 +1. download //​adware.dns//,​ //​spyware.dns//​ and //​malware.dns//​ from the internet.\\
 +2. merge //​adware.dns//,​ //​spyware.dns//,​ //​malware.dns//​ and //​custom.dns//​ files into a blacklist, it them subtracts the entries from ''​ignore.dns''​\\
 +3. converts blacklist into a dnsmasq configuration file\\
 +4. restart ''​dnsmasq''​ and sleeps for 4 hours, goes back to 1.
 +
 +''​dnsmasq'':​\\
 +1. gets DNS query\\
 +2. checks in local configuration for IP\\
 +3a. returns IP adblock host (domain was found in blacklist)\\
 +3b. queries downstream servers configured in //​adblock-resolv.conf//​((It is important this is **not** a server that points back to the adblock server!)) (domain was not found in blacklist) ​
 +
 +''​adserv'':​\\
 +1. gets HTTP request\\
 +2. returns dummy result: image -> 1x1 transparent pixel, html page -> popup closer, xml, javascript,​... -> dummy file.
 +
 +===== Installation =====
 +The installation is quite simple if you run OmniOS.
 +
 +Simple add the omnios.blackdot.be repository and install the adblock package.\\
 +Edit the //​adblock-dnsmasq.conf//​ and set **listen-address** to the correct IP! Optionally also change the upstream DNS servers in //​adblock-resolv.conf//​. Then simply enable the services.
 +
 +<​konsole>​
 +# pfexec pkg set-publisher -g http://​omnios.blackdot.be -g omnios.blackdot.be
 +# pfexec pkg refresh --full
 +# pfexec pkg install obd/​server/​misc/​adblock
 +# pfexec vi /​opt/​obd/​etc/​adblock/​adblock-dnsmasq.conf
 +# pfexec vi /​opt/​obd/​etc/​adblock/​adblock-resolv.conf
 +# pfexec svcadm enable adblock/​updater
 +# pfexec svcadm enable adblock/​adserv
 +# pfexec svcadm enable adblock/​dnsmasq
 +# pfexec svcs -x (to check for errors)
 +</​konsole>​
 +
 +You can test by setting the adblock host as your DNS server for a single host. ((If the host is Mac OSX, make sure to flush the resolver caches! There are some wierd DNS bugs on Mac OSX.))
projects/solaris/adblock.1374517663.txt.gz · Last modified: 2014/10/09 22:02 (external edit)