Block ads and malware via local DNS server
GPL-3.0 License
# Install the BIND 9 name server from the distribution's package repository.
sudo apt install bind9
# The configuration files edited in the following steps live in /etc/bind.
cd /etc/bind/
// Pull the blocked-zone declarations into the server configuration.
// NOTE(review): presumably this line is added to /etc/bind/named.conf and the
// included file is the one generate-zonefile.sh produces; confirm.
// named refuses to load a configuration whose include target is missing, so
// create the file before restarting or reloading the service.
include "/etc/bind/named.conf.blocked";
; Sinkhole zone data: every name served from this file answers with 0.0.0.0.
; Default TTL for the records below: 24 hours.
$TTL 24h
; SOA fields: primary name server, responsible mailbox, then serial, refresh,
; retry, expire and negative-caching TTL (all in seconds).
; server.yourdomain.com / hostmaster.yourdomain.com look like placeholders;
; replace them with names that are valid for your own setup.
@ IN SOA server.yourdomain.com. hostmaster.yourdomain.com. (
2003052800 86400 300 604800 3600 )
@ IN NS server.yourdomain.com.
; The zone apex and, through the wildcard, every name below it resolve to
; 0.0.0.0, so clients never receive the real address of a blocked host.
; Only A records are defined: an AAAA query gets an authoritative empty answer
; from this zone rather than a real IPv6 address.
; Some systems treat a connection to 0.0.0.0 as a connection to the local
; host, so a service listening locally may receive those requests.
@ IN A 0.0.0.0
* IN A 0.0.0.0
// Global options for the local resolver that serves the block list.
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// Queries that cannot be answered from local zones or the cache are sent
// first to the forwarders listed below. 8.8.8.8 and 8.8.4.4 are Google
// Public DNS, so that operator sees every lookup that is not blocked
// locally; substitute your ISP's or another resolver's addresses if you
// prefer a different upstream.
forwarders {
8.8.8.8;
8.8.4.4;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
// Validate DNSSEC signatures on answers using BIND's managed root trust anchor.
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
// Accept queries on every IPv6 address of this host. This block sets no
// allow-query or allow-recursion statement, so BIND's built-in defaults
// decide which clients may use the resolver.
// NOTE(review): confirm port 53 is not reachable from the internet, or add an
// explicit allow-recursion ACL limited to the local network.
listen-on-v6 { any; };
// Disable host-name syntax checking for primary zones, secondary zones and
// responses. NOTE(review): presumably required because block-list entries
// include names that would fail the check (e.g. underscores); confirm.
check-names master ignore;
check-names slave ignore;
check-names response ignore;
};
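# Download the zone-file generator into the home directory and run it.
cd ~
# -O pins the output name. Without it, a repeat download is saved as
# generate-zonefile.sh.1 and the chmod/run steps below keep using the stale
# first copy. If wget reports an error, do not run the (possibly truncated) file.
# The URL follows the mutable "master" branch, so the content can change
# between downloads; replacing "master" with a reviewed <COMMIT_SHA> makes the
# fetch reproducible.
wget -O generate-zonefile.sh https://raw.githubusercontent.com/mueller-ma/block-ads-via-dns/master/generate-zonefile.sh
# Read the script before executing it: it is remote code, and it presumably
# produces the zone list that BIND will load.
chmod +x generate-zonefile.sh
./generate-zonefile.sh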
generate-zonefile.sh