
Blocking ads by DNS using BIND

Something I recently set up on my home network is the ability to blacklist domains and ads by DNS. Instead of giving the correct address for the requested ad, my DNS server points the domain name to an internal server hosting a 1×1 pixel GIF. This also reduces bandwidth used.

This is all assuming you run your own DNS server on your network.

Here's how to configure BIND.

Download the “pixelserv” script. This is a really basic web server written in Perl which will provide the 1×1 GIF.

You can get it here. Note that it's hosted on SourceForge.

You need to make a couple of changes. First, take the .txt off the end of the file name. Also, change the IP address in the “LocalHost” sections from 0.0.0.0 to the IP of the host you are running this on (I'm running it directly on my DNS server). Finally, you need to make the script executable with the following:

# chmod +x pixelserv.pl

Next you need to start the script. I’ve opted to run it in a screen session:

# screen ./pixelserv.pl

Now we need to get the actual blocklist. I'm using the following list from here:

# sudo wget -O /var/named/ad-blacklist \
    'http://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig&showintro=0&mimetype=plaintext'

Next we need to tell BIND to include this list.

# vim /etc/named.conf

Add in the following:

include "/var/named/ad-blacklist";

Now we need to set up a zone file for all the ad addresses we are going to block.

# vim /var/named/null.zone.file

Add the following.

$TTL    86400   ; one day
@       IN      SOA     nds.example.com. hostmaster.example.com. (
            2002061000       ; serial number YYYYMMDDNN
            28800   ; refresh  8 hours
            7200    ; retry    2 hours
            864000  ; expire  10 days
            86400 ) ; min ttl  1 day
        NS      nds.example.com.   ; trailing dot keeps the name absolute
        A       192.168.1.100
@               IN      A       192.168.1.100
*               IN      A       192.168.1.100


Don't forget to change the IPs to your host running pixelserv.

Now all you need to do is reload BIND, though I prefer to restart it.

# service named restart
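
The blocklist above is fetched over plain HTTP and included verbatim into named.conf, so it is worth checking that every line is only a null-zone declaration before BIND reads it. The following script is an added example, not part of the original post; it assumes the list uses the `zone "…" { type master; notify no; file "null.zone.file"; };` line format, and the function names and the download path in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): vet a downloaded ad blocklist
# before BIND includes it. Assumed entry format, one per line:
#   zone "ads.example.com" { type master; notify no; file "null.zone.file"; };

# One acceptable line: a hostname-only zone name that points at the null
# zone file and nothing else. Adjust if your list's spacing differs.
ZONE_RE='^zone "[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?" \{ type master; notify no; file "null\.zone\.file"; \};$'

# count_bad_lines FILE: number of non-blank lines that are not a plain
# null-zone declaration (e.g. include, options, or a different file path).
count_bad_lines() {
    grep -v '^[[:space:]]*$' "$1" | grep -Evc "$ZONE_RE" || true
}

# count_duplicate_zones FILE: number of zone names declared more than once
# (case-insensitive); named refuses to load a config with duplicate zones.
count_duplicate_zones() {
    cut -s -d'"' -f2 "$1" | tr 'A-Z' 'a-z' | sort | uniq -d | wc -l | tr -d ' '
}

# install_blacklist SRC DEST: copy SRC over DEST only if it passes both
# checks; the rename keeps named from ever seeing a half-written file.
install_blacklist() {
    src=$1
    dest=$2
    [ -s "$src" ] || { echo "rejected: empty download" >&2; return 1; }
    bad=$(count_bad_lines "$src")
    dups=$(count_duplicate_zones "$src")
    if [ "$bad" -ne 0 ] || [ "$dups" -ne 0 ]; then
        echo "rejected: $bad unexpected line(s), $dups duplicate zone(s)" >&2
        return 1
    fi
    cp "$src" "$dest.new" && mv "$dest.new" "$dest"
}

# Usage: script.sh /tmp/ad-blacklist.download /var/named/ad-blacklist
if [ "$#" -eq 2 ]; then
    install_blacklist "$1" "$2"
fi
```

Download to a temporary file, run the script against it, then run `named-checkconf` before restarting named.
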
This post is licensed under CC BY 4.0 by the author.