unbound: merge 00-insecure-domains.conf into blocklist.conf

This commit is contained in:
Aminda Suomalainen 2024-04-22 07:10:18 +03:00
parent 892feb3c1b
commit 623a9150fd
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q
2 changed files with 17 additions and 35 deletions

View File

@ -1,35 +0,0 @@
# Domains to be sent through plaintext DNS for getting hijacked by devices
# that tend to cause headache.
# Uses Google DNS, because I don't use it for anything else and don't plan
# to for the foreseeable future, so it is easier to spot from logs.
# Is it secure? Google likely also knows I have these devices on my network
# thanks to Android.
server:
forward-zone:
name: "mywifiext.net"
forward-tls-upstream: no
forward-addr: 8.8.8.8
forward-zone:
name: "tplinkrepeater.net"
forward-tls-upstream: no
forward-addr: 8.8.8.8
forward-zone:
name: "router.asus.com"
forward-tls-upstream: no
forward-addr: 8.8.8.8
forward-zone:
name: "norwegianwifi.com"
forward-tls-upstream: no
forward-addr: 8.8.8.8
# Can I refer to subdomain as a zone?
forward-zone:
name: "http.badssl.com"
forward-tls-upstream: no
forward-addr: 8.8.8.8
# vim: filetype=unbound.conf

View File

@ -17,5 +17,22 @@ local-zone: "matrix.to." always_refuse
# in particular, likely websites too. # in particular, likely websites too.
local-zone: "graph.facebook.com." always_refuse local-zone: "graph.facebook.com." always_refuse
## APPLIANCE/CAPTIVE PORTAL DOMAINS
# Search these through host or dig to another server instead!
# Fritz router/modem default search domain and control panel. # Fritz router/modem default search domain and control panel.
local-zone: "fritz.box." always_refuse local-zone: "fritz.box." always_refuse
# Netgear
local-zone: "mywifiext.net." always_refuse
# TP-Link
local-zone: "tplinkrepeater.net." always_refuse
# ASUS
local-zone: "router.asus.com." always_refuse
# Norwegian planes
local-zone: "norwegianwifi.com." always_refuse
# vim: filetype=unbound.conf