Fattylewis.com

Blocking ads by DNS using BIND

08 Aug 2015

Something I have recently set up on my home network is the ability to blacklist ad domains by DNS. Instead of returning the real address for a requested ad domain, my DNS server points the name at an internal server hosting a 1x1 pixel GIF. This also reduces the bandwidth used.

This is all assuming you run your own DNS server on your network.

Here's how to configure BIND.

Download the “pixelserv” script. This is a really basic webserver written in perl which will provide the 1x1 gif.

You can get it here (note: it's hosted on SourceForge).

You need to make a couple of changes. First, take the .txt off the end of the filename. Also, change the IP address in the "LocalHost" sections from 0.0.0.0 to the IP of the host you are running it on (I'm running it directly on my DNS server). Finally, you need to make the script executable with the following:

[root@dns1 ~]# chmod +x pixelserv.pl

Next you need to start the script. I've opted to run it in a screen session:

[root@dns1 ~]# screen ./pixelserv.pl

Now we need to get the actual blocklist. I'm using the following list from here:

[root@dns1 ~]# sudo wget -O /var/named/ad-blacklist 'http://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig&showintro=0&mimetype=plaintext'
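The list is downloaded over plain HTTP and then included verbatim into named.conf, so it is worth checking that it contains nothing but zone stanzas pointing at the null zone file before you install it. The following is an added example, not part of the original post; it assumes each entry in the list has the shape `zone "name" { type master; notify no; file "null.zone.file"; };`, and the sample lists it writes are constructed.

```shell
#!/bin/sh
# Validate a downloaded ad-blocklist in BIND "bindconfig" form before it is
# included in named.conf. Every non-blank, non-comment line must be a single
# zone stanza that serves the domain from null.zone.file. Anything else (an
# options block, an include, a zone pointing at some other file) is rejected.
# The stanza shape matched below is an assumption about the list's format.

validate_blocklist() {
    file="$1"
    bad=0
    line_no=0
    pattern='^zone "[A-Za-z0-9._-]+" \{ type master; notify no; file "null\.zone\.file"; \};[[:space:]]*$'
    while IFS= read -r line || [ -n "$line" ]; do
        line_no=$((line_no + 1))
        case "$line" in
            ''|'#'*|'//'*) continue ;;   # blank line or comment
        esac
        if ! printf '%s\n' "$line" | grep -Eq "$pattern"; then
            printf 'line %d rejected: %s\n' "$line_no" "$line" >&2
            bad=$((bad + 1))
        fi
    done < "$file"
    [ "$bad" -eq 0 ]   # exit status 0 only if every entry passed
}

# Constructed sample lists for a self-check: writes good.list and bad.list
# into the directory given as $1 (no real ad domains; .test names only).
write_samples() {
    printf '%s\n' \
        'zone "ads.example.test" { type master; notify no; file "null.zone.file"; };' \
        'zone "tracker.example.test" { type master; notify no; file "null.zone.file"; };' \
        > "$1/good.list"
    printf '%s\n' \
        'zone "ads.example.test" { type master; notify no; file "null.zone.file"; };' \
        'options { directory "/tmp"; };' \
        'zone "login.example.test" { type master; notify no; file "other.zone"; };' \
        > "$1/bad.list"
}

# Stand-alone use: validate_blocklist.sh /var/named/ad-blacklist
if [ "$#" -ge 1 ]; then
    validate_blocklist "$1"
fi
```

Run it against the freshly downloaded file and only move the list into /var/named when it exits 0; the rejected lines are printed on stderr for inspection.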

Next we need to tell BIND to include this list.

[root@dns1 ~]# vim /etc/named.conf

Add in the following:

include "/var/named/ad-blacklist";

Now we need to setup a zone file for all the ad addresses we are going to block.

[root@dns1 ~]# vim /var/named/null.zone.file

Add the following.

$TTL    86400   ; one day
@       IN      SOA     nds.example.com. hostmaster.example.com. (
            2002061000       ; serial number YYYYMMDDNN
            28800   ; refresh  8 hours
            7200    ; retry    2 hours
            864000  ; expire  10 days
            86400 ) ; min ttl  1 day
        NS      nds.example.com.   ; trailing dot required, otherwise the zone name is appended
@               IN      A       192.168.1.100   ; the blocked domain itself -> pixelserv host
*               IN      A       192.168.1.100   ; wildcard: every subdomain -> pixelserv host

Don't forget to change the IPs to the host running pixelserv.

Now all you need to do is reload BIND, though I prefer to restart it:

[root@dns1 ~]# service named restart

Tweet me @fatty_lewis if you like this post.
