unbound: move some from blocklist.conf to please-hijack-me.conf

This commit is contained in:
Aminda Suomalainen 2024-09-13 08:52:44 +03:00
parent 0ce04b0742
commit d4e994c459
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q
2 changed files with 40 additions and 4 deletions

View File

@ -24,15 +24,15 @@ local-zone: "graph.facebook.com." always_refuse
local-zone: "fritz.box." always_refuse
# Netgear
local-zone: "mywifiext.net." always_refuse
#local-zone: "mywifiext.net." always_refuse
# TP-Link
local-zone: "tplinkrepeater.net." always_refuse
#local-zone: "tplinkrepeater.net." always_refuse
# ASUS
local-zone: "router.asus.com." always_refuse
#local-zone: "router.asus.com." always_refuse
# Norwegian planes
local-zone: "norwegianwifi.com." always_refuse
#local-zone: "norwegianwifi.com." always_refuse
# vim: filetype=unbound.conf

View File

@ -0,0 +1,36 @@
# These domains belong to silly network appliances or captive portals that
# wish to perform DNS hijacking instead of just using IP addresses. The
# server is https://dns0.eu/zero and hopefully rejects upstream queries
# should the domains become malicious.
# Pv6 is not specified since I don't think the silly devices support that.
server:
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
forward-zone:
name: "router.asus.com."
forward-tls-upstream: no
forward-addr: 193.110.81.9
forward-addr: 185.253.5.9
forward-zone:
name: "tplinkrepeater.net."
forward-tls-upstream: no
forward-addr: 193.110.81.9
forward-addr: 185.253.5.9
# Netgear
forward-zone:
name: "mywifiext.net."
forward-tls-upstream: no
forward-addr: 193.110.81.9
forward-addr: 185.253.5.9
forward-zone:
name: "norwegianwifi.com."
forward-tls-upstream: no
forward-addr: 193.110.81.9
forward-addr: 185.253.5.9
# vim: filetype=unbound.conf