Blocking ads by DNS using BIND
Something i have recently setup on my home network is the ability to blacklist domains and ads by DNS. Instead of giving the correct address for the requested ad, my DNS server points the domain name to an internal server hosting a 1×1 pixel gif. This also reduces bandwidth used.
This is all assuming you run your own DNS server on your network.
Heres how to configure BIND
Download the “pixelserv” script. This is a really basic webserver written in perl which will provide the 1×1 gif.
You can get it Here Note, its hosted on sourceforge.
You need to make a couple of changes. First, take the .txt off the end of it. Also, change the IP address in the “LocalHost” Sections, from 0.0.0.0 to the IP of the host you are running this on. (im running it directly on my DNS server) Finally, you need to make the script executable, with the following:
[root@dns1 ~]# chmod +x pixelserv.plNext you need to start the script. I’ve opted to run it in a screen session
[root@dns1 ~]# screen ./pixelserv.plNow we need to get the actual blocklist. Im using the following list from Here
[root@dns1 ~]# sudo wget -O
/var/named/ad-blacklist
'http://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig&showintro=0&mimetype=plaintext'Next we need to tell BIND to include this list.
[root@dns1 ~]# vim /etc/named.confAdd in the following:
include "/var/named/ad-blacklist;Now we need to setup a zone file for all the ad addresses we are going to block.
[root@dns1 ~]#vim /var/named/null.zone.fileAdd the following.
$TTL 86400 ; one day
@ IN SOA nds.example.com. hostmaster.example.com. (
2002061000 ; serial number YYMMDDNN
28800 ; refresh 8 hours
7200 ; retry 2 hours
864000 ; expire 10 days
86400 ) ; min ttl 1 day
NS nds.example.com
A 192.168.1.100
@ IN A 192.168.1.100
* IN A 192.168.1.100Dont forget to change the ip’s to your host running pixelserv.
Now all you need to do is reload bind, though i prefer to restart it.
[root@dns1 ~]# service named restart