ca2956b678 
							
						 
					 
					
						
						
							
							unbound/blocklist: note encrypted client hello  
						
						
						
						
					 
					
						2023-05-13 17:17:20 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							603ac4a011 
							
						 
					 
					
						
						
							
							unbound/blocklist.conf: remove Mozilla Telemetry  
						
						
						
						
					 
					
						2023-05-13 17:16:17 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							fdeab81c2b 
							
						 
					 
					
						
						
							
							unbound/blocklist.conf: add matrix.to as dared by !KMbEUhVQHLwZHmwzKX:matrix.org  
						
						
						
						
					 
					
						2023-05-13 17:14:45 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							e9998f4079 
							
						 
					 
					
						
						
							
							rm etc/unbound/unbound.conf.d/dns-over-tls.conf  
						
						... 
						
						
						
						I think the file is inherently flawed due to different types of filtering/non-filtering resolvers, different locations, unknown ECS policies etc. Importantly I am not actively looking at this and just came across old version running in production 
						
						
					 
					
						2023-02-26 09:15:19 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							9bdc67dd29 
							
						 
					 
					
						
						
							
							unbound & systmed-resolved: add DNS0 open  
						
						... 
						
						
						
						Ref: #153  
						
						
					 
					
						2023-02-23 10:11:03 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							cc5e7b7225 
							
						 
					 
					
						
						
							
							unbound: add DNS0 & DNS0 zero DoT config  
						
						... 
						
						
						
						Resolves : #153  
					
						2023-02-22 10:58:04 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							2e6a03d402 
							
						 
					 
					
						
						
							
							sastisfy editorconfig check  
						
						
						
						
					 
					
						2023-02-21 19:08:54 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1de04a8367 
							
						 
					 
					
						
						
							
							unbound/00-insecure-domains.conf: add http.badssl.com, my captive portal trigger goto  
						
						
						
						
					 
					
						2022-10-03 22:01:15 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1e40420115 
							
						 
					 
					
						
						
							
							unbound: rm outdated yggdrasil-override  
						
						... 
						
						
						
						Ref: #89  
						
						
					 
					
						2021-10-05 12:38:16 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							bfa51f500b 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: stop advertising Debian 9  
						
						
						
						
					 
					
						2021-10-05 12:34:10 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							ee293669d9 
							
						 
					 
					
						
						
							
							unbound: add dot-flushable-cache.conf  
						
						... 
						
						
						
						Resolves : #105  
					
						2021-10-05 12:33:40 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							75731868e7 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: allow non-Finnish anycast & note being used on servers  
						
						
						
						
					 
					
						2021-06-11 19:39:57 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1ad289aa49 
							
						 
					 
					
						
						
							
							unbound/dot-mullvad-adblock.conf: add missing port number  
						
						
						
						
					 
					
						2021-04-27 21:40:16 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							41879fe5e8 
							
						 
					 
					
						
						
							
							unbound.conf.d: rm dns-mullvad, add dot-mullvad[-adblock]  
						
						
						
						
					 
					
						2021-04-27 21:35:58 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6f8c7de6af 
							
						 
					 
					
						
						
							
							unbound.conf.d: add 00-insecure-domains.conf (WiFi repeater config)  
						
						
						
						
					 
					
						2021-03-14 21:00:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							abb0c37ef2 
							
						 
					 
					
						
						
							
							unbound.conf.d: add yggdrasil-override.conf  
						
						... 
						
						
						
						Begins #89  at a better time 
						
						
					 
					
						2020-12-15 20:34:01 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							e9aefd711b 
							
						 
					 
					
						
						
							
							blocklist.conf: refuse blocked instead of nxdomain  
						
						... 
						
						
						
						Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more
accurate for the rest. 
						
						
					 
					
						2020-11-21 12:13:55 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							e7a6e00b83 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls: comment Adguard & NextDNS for not being in FI  
						
						
						
						
					 
					
						2020-11-15 09:46:50 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							aadcc009a0 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: add Adguard (unfiltered) & NextDNS  
						
						
						
						
					 
					
						2020-11-12 16:12:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							3289a812ee 
							
						 
					 
					
						
						
							
							unbound: add dns-mullvad.conf (not encrypted)  
						
						... 
						
						
						
						Contains Mullvad Wireguard, OpenVPN and public addresses 
						
						
					 
					
						2020-11-10 16:04:48 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							f878041e2e 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: reverse order of providers  
						
						... 
						
						
						
						It seems to have some (small?) relevance to where queries go to. 
						
						
					 
					
						2020-10-29 16:24:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6e1f41533c 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: comment the 443 appliedprivacy  
						
						... 
						
						
						
						Thinking it a bit more, it's not useful to use their resources on
devices that practically never encounter blocked port 853. 
						
						
					 
					
						2020-10-29 13:22:19 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							c93034ba7f 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: major cleanup  
						
						
						
						
					 
					
						2020-10-29 13:15:23 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1e70d7d4d7 
							
						 
					 
					
						
						
							
							etc/systemd-resolved&unbound: add Quad9 ECS configs  
						
						... 
						
						
						
						Untested. The last time I saw the documentation, they didn't mention
DoT. 
						
						
					 
					
						2020-10-21 17:09:20 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							31a15a9abc 
							
						 
					 
					
						
						
							
							systemd-resolved & unbound: update AdGuard IPs  
						
						... 
						
						
						
						Resolves : #81  
					
						2020-09-27 14:34:54 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6c2475676c 
							
						 
					 
					
						
						
							
							unbound.conf.d/dot-adguard.conf: fix SNI domain  
						
						
						
						
					 
					
						2020-08-30 16:56:51 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							edb259b1c8 
							
						 
					 
					
						
						
							
							unbound.conf.d: add dot-adguard.conf  
						
						
						
						
					 
					
						2020-08-30 16:45:35 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							cc965d4692 
							
						 
					 
					
						
						
							
							blocklist.conf: add empty line & incoming.telemetry.mozilla.org  
						
						
						
						
					 
					
						2020-08-22 23:31:54 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							263f828550 
							
						 
					 
					
						
						
							
							unbound blocklist: add ssl.google-analytics.com  
						
						
						
						
					 
					
						2020-08-20 19:30:47 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							94eace15e7 
							
						 
					 
					
						
						
							
							unbound/blocklist.conf: specify it's server clause  
						
						... 
						
						
						
						Introduced by e4d18d47c5515ee456587c23fa4c4eade181d693 
						
						
					 
					
						2020-08-20 18:38:37 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							cabf7c570d 
							
						 
					 
					
						
						
							
							blocklist.conf: add [www.]google-analytics.com.  
						
						
						
						
					 
					
						2020-08-20 18:33:51 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							b5cafdeb90 
							
						 
					 
					
						
						
							
							unbound: the mass file is not a good idea? cut it?  
						
						
						
						
					 
					
						2020-08-16 12:18:07 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							e4d18d47c5 
							
						 
					 
					
						
						
							
							etc/.../unbound.conf: update for 1.11.0-1+  
						
						
						
						
					 
					
						2020-08-15 10:27:50 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							7541d93206 
							
						 
					 
					
						
						
							
							dns-over-tls.conf: update BlahDNS-JP addresses  
						
						
						
						
					 
					
						2019-12-01 12:48:02 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							10b1b8ad86 
							
						 
					 
					
						
						
							
							unbound/dot: fix outdated comment  
						
						
						
						
					 
					
						2019-11-03 00:49:19 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							7b2c1568d1 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: replace BlahDNS CH with FI  
						
						... 
						
						
						
						Shutting down on December 31th https://blahdns.com/  
						
						
					 
					
						2019-11-03 00:15:59 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							d062d6675c 
							
						 
					 
					
						
						
							
							unbound/blacklist.conf: Riot has fixed it's habits  
						
						... 
						
						
						
						Integration manager and identity server can be configured in settings 
						
						
					 
					
						2019-10-16 15:01:48 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							1e636a65af 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: enable BlahDNS over Yggdrasil  
						
						
						
						
					 
					
						2019-10-08 20:52:41 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							0ca2718569 
							
						 
					 
					
						
						
							
							unbound/blocklist.conf: use always_nxdomain, remove publicbt.com  
						
						
						
						
					 
					
						2019-09-10 21:27:23 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							0c70f41afc 
							
						 
					 
					
						
						
							
							unbound/blocklist: uncomment vector.im, add use-application-dns.net  
						
						... 
						
						
						
						* Vector.im is the identity server that gets restored by itself and I
  don't seem to ever have any business to Vector.im website, while
  the other domains I need to visit at times.
* use-application-dns.net being NXDOMAIN tells Firefox to not send
  traffic to Cloudflare DoH. I thought of this when I saw the news and
  got courage to actually do this after seeing that DNSCrypt-proxy also
  does so. 
						
						
					 
					
						2019-09-07 14:42:15 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							9bcd2d61c7 
							
						 
					 
					
						
						
							
							unbound/*dns64*: add Cloudflare  
						
						
						
						
					 
					
						2019-08-25 18:27:11 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							aa2c53349d 
							
						 
					 
					
						
						
							
							unbound/plain-dns64.conf: add Google DNS  
						
						
						
						
					 
					
						2019-08-25 18:21:16 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							31aa6066b5 
							
						 
					 
					
						
						
							
							unbound/dns-over-tls.conf: don't mention forwards.conf  
						
						... 
						
						
						
						I renamed it. 
						
						
					 
					
						2019-08-25 18:17:50 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							41644a9b65 
							
						 
					 
					
						
						
							
							unbound: add dns64-over-tls.conf (broken for now)  
						
						
						
						
					 
					
						2019-08-25 18:16:51 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							6308c9af72 
							
						 
					 
					
						
						
							
							unbound: clean up plain-dns64.conf (only TREX for now)  
						
						
						
						
					 
					
						2019-08-25 18:09:50 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							04658408d4 
							
						 
					 
					
						
						
							
							unbound: rename    forwards.conf -> plain-dns64.conf  
						
						
						
						
					 
					
						2019-08-25 18:07:28 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							3dc273fbe0 
							
						 
					 
					
						
						
							
							unbound: mention other files of interest in dot & add threads  
						
						
						
						
					 
					
						2019-08-24 12:40:04 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							6274ed8e13 
							
						 
					 
					
						
						
							
							unbound/dot: add nic.cz & nixnet  
						
						
						
						
					 
					
						2019-08-24 12:02:26 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							5462af3059 
							
						 
					 
					
						
						
							
							unbound/dot: add Lelux.fi  
						
						
						
						
					 
					
						2019-08-24 11:57:42 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
						
						
						
							
						
						
							7afaa57882 
							
						 
					 
					
						
						
							
							unbound/dot: add Snopyta  
						
						
						
						
					 
					
						2019-08-24 11:55:22 +03:00