Mikaela
/
shell-things
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

blocklist.conf: refuse blocked instead of nxdomain 

Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more
accurate for the rest.
This commit is contained in:
Aminda Suomalainen 2020-11-21 12:13:55 +02:00
parent e7a6e00b83
commit e9aefd711b
Signed by: Mikaela
GPG Key ID: 99392F62BAE30723
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
etc/unbound/unbound.conf.d/blocklist.conf
View File

@ -7,10 +7,10 @@ local-zone: "use-application-dns.net." always_nxdomain
# I have something very aggressively attempting to resolve Google Analytics
# and errorring on DNSSEC due to upstream resolver blocking them.
local-zone: "google-analytics.com." always_nxdomain
local-zone: "ssl.google-analytics.com." always_nxdomain
local-zone: "www.google-analytics.com." always_nxdomain
local-zone: "google-analytics.com." always_refuse
local-zone: "ssl.google-analytics.com." always_refuse
local-zone: "www.google-analytics.com." always_refuse
# On top NextDNS blocks after Google Analytics, while I am not entirely sure
# blocking it is in my interests.
local-zone: "incoming.telemetry.mozilla.org." always_nxdomain
local-zone: "incoming.telemetry.mozilla.org." always_refuse