From f40be86d33285e70d50b4044f12c930752a23a14 Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:26:14 +0700 Subject: [PATCH 1/7] Delete allowlist.rpz --- filters/allowlist.rpz | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 filters/allowlist.rpz diff --git a/filters/allowlist.rpz b/filters/allowlist.rpz deleted file mode 100644 index 7a2399d..0000000 --- a/filters/allowlist.rpz +++ /dev/null @@ -1,18 +0,0 @@ -$TTL 6h -@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h) - IN NS localhost. -; start allowlist -------vv -*.gvt1.com CNAME rpz-passthru. -*.play.googleapis.com CNAME rpz-passthru. -exappupgrade.vivoglobal.com CNAME rpz-passthru. -sysupgrade-api.vivoglobal.com CNAME rpz-passthru. -keepass.info CNAME rpz-passthru. -*.keepass.info CNAME rpz-passthru. -keepassdx.com CNAME rpz-passthru. -*.keepassdx.com CNAME rpz-passthru. -ddos-guard.net CNAME rpz-passthru. -*.ddos-guard.net CNAME rpz-passthru. -blueangelhost.com CNAME rpz-passthru. -*.blueangelhost.com CNAME rpz-passthru. -markmonitor.com CNAME rpz-passthru. -*.markmonitor.com CNAME rpz-passthru. From b9708318d8cee207f02496e5688cf3000bf062e7 Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:27:20 +0700 Subject: [PATCH 2/7] Delete denylist.rpz --- filters/denylist.rpz | 72 -------------------------------------------- 1 file changed, 72 deletions(-) delete mode 100644 filters/denylist.rpz diff --git a/filters/denylist.rpz b/filters/denylist.rpz deleted file mode 100644 index 22d4423..0000000 --- a/filters/denylist.rpz +++ /dev/null @@ -1,72 +0,0 @@ -; start! -in-os-config-appstore.vivoglobal.com CNAME . -asia-vcode-od.vivoglobal.com CNAME . -excfgfile-vivofs-asia.vivo.com.cn CNAME . -footprints-pa.googleapis.com CNAME . -people-pa.googleapis.com CNAME . -lamssettings-pa.googleapis.com CNAME . -cdn.syndication.twimg.com CNAME . -fonts.gstatic.com CNAME . -fonts.googleapis.com CNAME . -platform.twitter.com CNAME . -asia-analyzer-appstore.vivoglobal.com CNAME . -platform.instagram.com CNAME . -alb.reddit.com CNAME . -s.reddit.com CNAME . -graph.fbpigeon.com CNAME . - -; Will broke some sites/app -*.tencent.com CNAME . -*.baidu.com CNAME . -*.tencent.cn CNAME . -*.tiktok.com CNAME . -*.qq.com CNAME . -*.mail.ru CNAME . -*.vivo.com.cn CNAME . -*.vivoglobal.com CNAME . - -; Express vpn folk -*.get-express-vpn.com CNAME . -get-express-vpn.com CNAME . -*.get-express-vpn.org CNAME . -get-express-vpn.org CNAME . -*.get-express-vpn.net CNAME . -get-express-vpn.net CNAME . -*.get-express-vpn.xyz CNAME . -get-express-vpn.xyz CNAME . - -; qq related -err-up.vivoglobal.com CNAME . -ro-up.vivoglobal.com CNAME . -dldir1.qq.com CNAME . -0report.syzs.qq.com CNAME . -qbwup.imtt.qq.com CNAME . -masterconn.qq.com CNAME . -masterconn2.qq.com CNAME . -masterconn11.qq.com CNAME . -master.etl.desktop.qq.com CNAME . -btrace.qq.com CNAME . -downloadtpt.gamedl.qq.com CNAME . -c.gj.qq.com CNAME . -ga.gamedl.qq.com CNAME . -myapp.com CNAME . -gamedl.qq.com CNAME . -stat.gamedl.qq.com CNAME . -p2pupdate.gamedl.qq.com CNAME . -stun.qqlive.qq.com CNAME . -ps2.gamedl.qq.com CNAME . -config.gamedl.qq.com CNAME . -p2pupgrade.gamedl.qq.com CNAME . -syzs.qq.com CNAME . -s.syzs.qq.com CNAME . -guanjia.qq.com CNAME . -sy.guanjia.qq.com CNAME . -gameloop.fun CNAME . -s.gameloop.fun CNAME . -sy.gameloop.fun CNAME . - -; MediaTek -pepodownload.mediatek.com CNAME . -qepodownload.mediatek.com CNAME . -pgepodownload.mediatek.com CNAME . -qgepodownload.mediatek.com CNAME . From 84e6bf9fffa3e50f0a7e62ca0e6531d61371d91c Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:28:29 +0700 Subject: [PATCH 3/7] Delete thirdparty-lists.txt --- filters/thirdparty-lists.txt | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 filters/thirdparty-lists.txt diff --git a/filters/thirdparty-lists.txt b/filters/thirdparty-lists.txt deleted file mode 100644 index 97643b6..0000000 --- a/filters/thirdparty-lists.txt +++ /dev/null @@ -1,9 +0,0 @@ -# List of third party filters besides my personal list -https://block.energized.pro/ultimate/formats/rpz.txt -https://rpz.oisd.nl/ -https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext -https://block.energized.pro/extensions/social/formats/rpz.txt -https://block.energized.pro/extensions/regional/formats/rpz.txt -https://urlhaus.abuse.ch/downloads/rpz/ -https://block.energized.pro/extensions/xtreme/formats/rpz.txt -https://oooo.b-cdn.net/blahdns/blahdns_rpz.txt From 6b64a7e9a9fd152a664e13bc1af9e57c333a60e2 Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:37:15 +0700 Subject: [PATCH 4/7] Part of the Revolution --- download-filters.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/download-filters.sh b/download-filters.sh index da0afb0..66e89f7 100644 --- a/download-filters.sh +++ b/download-filters.sh @@ -1,8 +1,8 @@ #!/bin/sh +wget -O /etc/knot-resolver/list/minopallow.rpz https://github.com/minoplhy/dnsBlocklist/raw/main/rpz/allowlist.rpz +wget -O /etc/knot-resolver/list/minopdeny.rpz https://github.com/minoplhy/dnsBlocklist/raw/main/rpz/denylist.rpz wget -O /etc/knot-resolver/list/energized-ultimate.rpz https://block.energized.pro/ultimate/formats/rpz.txt wget -O /etc/knot-resolver/list/oisd.rpz https://rpz.oisd.nl -wget -O /etc/knot-resolver/list/allowlist.rpz https://raw.githubusercontent.com/minoplhy/doh-dot-haproxy/main/filters/allowlist.rpz -wget -O /etc/knot-resolver/list/denylist.rpz https://raw.githubusercontent.com/minoplhy/doh-dot-haproxy/main/filters/denylist.rpz wget -O /etc/knot-resolver/list/pgl-adserver.rpz https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext wget -O /etc/knot-resolver/list/energized-social.rpz https://block.energized.pro/extensions/social/formats/rpz.txt wget -O /etc/knot-resolver/list/energized-regional.rpz https://block.energized.pro/extensions/regional/formats/rpz.txt From fe7ec1d340a9efea2a2bd2fbf7b8cf04f19f2746 Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:38:05 +0700 Subject: [PATCH 5/7] Part of The Revolution --- configuration/kresd.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configuration/kresd.conf b/configuration/kresd.conf index dc1a53e..e31ad70 100644 --- a/configuration/kresd.conf +++ b/configuration/kresd.conf @@ -20,9 +20,9 @@ cache.size = 100 * MB -- policy help : https://knot-resolver.readthedocs.io/en/stable/modules-policy.html -- This is Just a Blocklist -policy.add(policy.rpz(policy.PASS, '/etc/knot-resolver/list/allowlist.rpz',true)) +policy.add(policy.rpz(policy.PASS, '/etc/knot-resolver/list/minopallow.rpz',true)) +policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/minopdeny.rpz',true)) policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/energized-ultimate.rpz',true)) -policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/denylist.rpz',true)) policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/oisd.rpz',true)) policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/pgl-adserver.rpz',true)) policy.add(policy.rpz(policy.REFUSE, '/etc/knot-resolver/list/energized-social.rpz',true)) From 47ee587e1b18d9ddd98e403c60893014930fd3ce Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:38:44 +0700 Subject: [PATCH 6/7] Leaks Fixing --- configuration/haproxy.cfg | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configuration/haproxy.cfg b/configuration/haproxy.cfg index 2e70352..952bec1 100644 --- a/configuration/haproxy.cfg +++ b/configuration/haproxy.cfg @@ -62,8 +62,8 @@ backend dns-dot # TCP LB (443) frontend 443-in-doh - bind 0.0.0.0:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.ludns.nakadlto.cz.pem - bind [::]:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.ludns.nakadlto.cz.pem + bind 0.0.0.0:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.domain.pem + bind [::]:443 strict-sni tfo ssl crt /etc/haproxy/certs/doh.domain.pem mode http From bbe9819165efcbcb413a29fdac2f2ce3ad072adf Mon Sep 17 00:00:00 2001 From: Minoplhy Date: Thu, 28 Jan 2021 16:47:24 +0700 Subject: [PATCH 7/7] Update kresd.conf --- configuration/kresd.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/configuration/kresd.conf b/configuration/kresd.conf index e31ad70..531e6c0 100644 --- a/configuration/kresd.conf +++ b/configuration/kresd.conf @@ -2,6 +2,7 @@ -- vim:syntax=lua:set ts=4 sw=4: -- Refer to manual: https://knot-resolver.readthedocs.org/en/stable/ +-- This Will Keep Log Disable (false) will stop this. verbose(true) -- Network interface configuration net.listen('127.0.0.1', 5353, { kind = 'dns' })