L2 Cache

Behold the power of |!

User Tools

Site Tools


projects:solaris:adblock

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
projects:solaris:adblock [2013/07/22 20:28]
sjorge
projects:solaris:adblock [2015/05/23 16:34] (current)
sjorge
Line 1: Line 1:
 ====== Adblock ====== ====== Adblock ======
-Adblock is set of services written for Solaris. It consists of ''​adserv''​((Python is used in combination with the [[http://​bottlepy.org|bottle]] module. (Yes I like this module!) )), ''​updater''​ and ''​dnsmasq''​. However the later will conflickt ​with the regular dnsmasq((If you know what you are doing (and your host has multiple IP's) they can co-exist with a little bit of effort.)).+<​note>​Packages are no longer provided, source remains available here:\\ [[https://​github.com/​sjorge/​omnios-build-blackdot]]</​note>​ 
 + 
 +Adblock is set of services written for Solaris. It consists of ''​adserv''​((Python is used in combination with the [[http://​bottlepy.org|bottle]] module. (Yes I like this module!) )), ''​updater''​ and ''​dnsmasq''​. However the later will conflict ​with the regular dnsmasq((If you know what you are doing (and your host has multiple IP's) they can co-exist with a little bit of effort.)).
  
 Together they form a malware, spyware and adblocking solution for your entire network! ''​updater''​ will download blacklists of domain names for well know ad, spy and malware. It will then generate a custom ''​dnsmasq''​ configuration that will make those domains point to the host running Adblock. ''​adserv''​ will then pick up the requests to images, javascript files,... for those domains and replace them with a transparent pixel. It will also output a simple html page that will close itself if it is opened in a new windows (Popup). ​ Together they form a malware, spyware and adblocking solution for your entire network! ''​updater''​ will download blacklists of domain names for well know ad, spy and malware. It will then generate a custom ''​dnsmasq''​ configuration that will make those domains point to the host running Adblock. ''​adserv''​ will then pick up the requests to images, javascript files,... for those domains and replace them with a transparent pixel. It will also output a simple html page that will close itself if it is opened in a new windows (Popup). ​
Line 9: Line 11:
  
 ===== How it works ===== ===== How it works =====
 +{{:​projects:​solaris:​adblock-overview.png?​nolink|}}
 +
 +''​updater'':​\\
 +1. download //​adware.dns//,​ //​spyware.dns//​ and //​malware.dns//​ from the internet.\\
 +2. merge //​adware.dns//,​ //​spyware.dns//,​ //​malware.dns//​ and //​custom.dns//​ files into a blacklist, it them subtracts the entries from ''​ignore.dns''​\\
 +3. converts blacklist into a dnsmasq configuration file\\
 +4. restart ''​dnsmasq''​ and sleeps for 4 hours, goes back to 1.
 +
 +''​dnsmasq'':​\\
 +1. gets DNS query\\
 +2. checks in local configuration for IP\\
 +3a. returns IP adblock host (domain was found in blacklist)\\
 +3b. queries downstream servers configured in //​adblock-resolv.conf//​((It is important this is **not** a server that points back to the adblock server!)) (domain was not found in blacklist) ​
 +
 +''​adserv'':​\\
 +1. gets HTTP request\\
 +2. returns dummy result: image -> 1x1 transparent pixel, html page -> popup closer, xml, javascript,​... -> dummy file.
 +
 +===== Installation =====
 +The installation is quite simple if you run OmniOS.
 +
 +Simple add the omnios.blackdot.be repository and install the adblock package.\\
 +Edit the //​adblock-dnsmasq.conf//​ and set **listen-address** to the correct IP! Optionally also change the upstream DNS servers in //​adblock-resolv.conf//​. Then simply enable the services.
  
 +<​konsole>​
 +# pfexec pkg set-publisher -g http://​omnios.blackdot.be -g omnios.blackdot.be
 +# pfexec pkg refresh --full
 +# pfexec pkg install obd/​server/​misc/​adblock
 +# pfexec vi /​opt/​obd/​etc/​adblock/​adblock-dnsmasq.conf
 +# pfexec vi /​opt/​obd/​etc/​adblock/​adblock-resolv.conf
 +# pfexec svcadm enable adblock/​updater
 +# pfexec svcadm enable adblock/​adserv
 +# pfexec svcadm enable adblock/​dnsmasq
 +# pfexec svcs -x (to check for errors)
 +</​konsole>​
  
 +You can test by setting the adblock host as your DNS server for a single host. ((If the host is Mac OSX, make sure to flush the resolver caches! There are some wierd DNS bugs on Mac OSX.))
projects/solaris/adblock.1374517686.txt.gz · Last modified: 2014/10/09 22:02 (external edit)