Revolution Merge

Filters now has a dedicated Repository

configuration/haproxy.cfg

@@ -62,8 +62,8 @@ backend dns-dot
 
 # TCP LB (443)
 frontend 443-in-doh
-	bind 0.0.0.0:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.ludns.nakadlto.cz.pem
-        bind [::]:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.ludns.nakadlto.cz.pem
+	bind 0.0.0.0:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.domain.pem
+        bind [::]:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.domain.pem
 
         mode http
 

configuration/kresd.conf

@@ -2,6 +2,7 @@
 -- vim:syntax=lua:set ts=4 sw=4:
 -- Refer to manual: https://knot-resolver.readthedocs.org/en/stable/
 
+-- This Will Keep Log Disable (false) will stop this.
 verbose(true)
 -- Network interface configuration
 net.listen('127.0.0.1', 5353, { kind = 'dns' })
@@ -20,9 +21,9 @@ cache.size = 100 * MB
 
 -- policy help : https://knot-resolver.readthedocs.io/en/stable/modules-policy.html
 -- This is Just a Blocklist
-policy.add(policy.rpz(policy.PASS, '/etc/knot-resolver/list/allowlist.rpz',true))
+policy.add(policy.rpz(policy.PASS, '/etc/knot-resolver/list/minopallow.rpz',true))
+policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/minopdeny.rpz',true))
 policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/energized-ultimate.rpz',true))
-policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/denylist.rpz',true))
 policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/oisd.rpz',true))
 policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/pgl-adserver.rpz',true))
 policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/energized-social.rpz',true))

download-filters.sh

@@ -1,8 +1,8 @@
 #!/bin/sh
+wget -O /etc/knot-resolver/list/minopallow.rpz https://github.com/minoplhy/dnsBlocklist/raw/main/rpz/allowlist.rpz
+wget -O /etc/knot-resolver/list/minopdeny.rpz https://github.com/minoplhy/dnsBlocklist/raw/main/rpz/denylist.rpz
 wget -O /etc/knot-resolver/list/energized-ultimate.rpz  https://block.energized.pro/ultimate/formats/rpz.txt 
 wget -O /etc/knot-resolver/list/oisd.rpz https://rpz.oisd.nl
-wget -O /etc/knot-resolver/list/allowlist.rpz https://raw.githubusercontent.com/minoplhy/doh-dot-haproxy/main/filters/allowlist.rpz
-wget -O /etc/knot-resolver/list/denylist.rpz https://raw.githubusercontent.com/minoplhy/doh-dot-haproxy/main/filters/denylist.rpz
 wget -O /etc/knot-resolver/list/pgl-adserver.rpz https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext
 wget -O /etc/knot-resolver/list/energized-social.rpz https://block.energized.pro/extensions/social/formats/rpz.txt
 wget -O /etc/knot-resolver/list/energized-regional.rpz https://block.energized.pro/extensions/regional/formats/rpz.txt

filters/allowlist.rpz

@@ -1,18 +0,0 @@
-$TTL 6h
-@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)
-  IN NS  localhost.
-; start allowlist -------vv
-*.gvt1.com CNAME rpz-passthru.
-*.play.googleapis.com CNAME rpz-passthru.
-exappupgrade.vivoglobal.com CNAME rpz-passthru.
-sysupgrade-api.vivoglobal.com CNAME rpz-passthru.
-keepass.info CNAME rpz-passthru.
-*.keepass.info CNAME rpz-passthru.
-keepassdx.com CNAME rpz-passthru.
-*.keepassdx.com CNAME rpz-passthru.
-ddos-guard.net CNAME rpz-passthru.
-*.ddos-guard.net CNAME rpz-passthru.
-blueangelhost.com CNAME rpz-passthru.
-*.blueangelhost.com CNAME rpz-passthru.
-markmonitor.com CNAME rpz-passthru.
-*.markmonitor.com CNAME rpz-passthru.

filters/denylist.rpz

@@ -1,72 +0,0 @@
-; start!
-in-os-config-appstore.vivoglobal.com CNAME .
-asia-vcode-od.vivoglobal.com CNAME .
-excfgfile-vivofs-asia.vivo.com.cn CNAME .
-footprints-pa.googleapis.com CNAME .
-people-pa.googleapis.com CNAME .
-lamssettings-pa.googleapis.com CNAME .
-cdn.syndication.twimg.com CNAME .
-fonts.gstatic.com CNAME .
-fonts.googleapis.com CNAME .
-platform.twitter.com CNAME .
-asia-analyzer-appstore.vivoglobal.com CNAME .
-platform.instagram.com CNAME .
-alb.reddit.com CNAME .
-s.reddit.com CNAME .
-graph.fbpigeon.com CNAME .
-
-; Will broke some sites/app
-*.tencent.com CNAME .
-*.baidu.com CNAME .
-*.tencent.cn CNAME .
-*.tiktok.com CNAME .
-*.qq.com CNAME .
-*.mail.ru CNAME .
-*.vivo.com.cn CNAME .
-*.vivoglobal.com CNAME .
-
-; Express vpn folk
-*.get-express-vpn.com CNAME .
-get-express-vpn.com CNAME .
-*.get-express-vpn.org CNAME .
-get-express-vpn.org CNAME .
-*.get-express-vpn.net CNAME .
-get-express-vpn.net CNAME .
-*.get-express-vpn.xyz CNAME .
-get-express-vpn.xyz CNAME .
-
-; qq related
-err-up.vivoglobal.com CNAME .
-ro-up.vivoglobal.com CNAME .
-dldir1.qq.com CNAME .
-0report.syzs.qq.com CNAME .
-qbwup.imtt.qq.com CNAME .
-masterconn.qq.com CNAME .
-masterconn2.qq.com CNAME .
-masterconn11.qq.com CNAME .
-master.etl.desktop.qq.com CNAME .
-btrace.qq.com CNAME .
-downloadtpt.gamedl.qq.com CNAME .
-c.gj.qq.com CNAME .
-ga.gamedl.qq.com CNAME .
-myapp.com CNAME .
-gamedl.qq.com CNAME .
-stat.gamedl.qq.com CNAME .
-p2pupdate.gamedl.qq.com CNAME .
-stun.qqlive.qq.com CNAME .
-ps2.gamedl.qq.com CNAME .
-config.gamedl.qq.com CNAME .
-p2pupgrade.gamedl.qq.com CNAME .
-syzs.qq.com CNAME .
-s.syzs.qq.com CNAME .
-guanjia.qq.com CNAME .
-sy.guanjia.qq.com CNAME .
-gameloop.fun CNAME .
-s.gameloop.fun CNAME .
-sy.gameloop.fun CNAME .
-
-; MediaTek
-pepodownload.mediatek.com CNAME .
-qepodownload.mediatek.com CNAME .
-pgepodownload.mediatek.com CNAME .
-qgepodownload.mediatek.com CNAME .

filters/thirdparty-lists.txt

@@ -1,9 +0,0 @@
-# List of third party filters besides my personal list
-https://block.energized.pro/ultimate/formats/rpz.txt
-https://rpz.oisd.nl/
-https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext
-https://block.energized.pro/extensions/social/formats/rpz.txt
-https://block.energized.pro/extensions/regional/formats/rpz.txt
-https://urlhaus.abuse.ch/downloads/rpz/
-https://block.energized.pro/extensions/xtreme/formats/rpz.txt
-https://oooo.b-cdn.net/blahdns/blahdns_rpz.txt