shell-things/etc/unbound/unbound.conf.d/blocklist.conf

39 lines
1.3 KiB
Plaintext

server:
# Tells Firefox to not automatically use Cloudflare as TRR thus bypassing
# local encrypted DNS.
# Encrypted Client Hello (ECH) does require DoH, but that should be
# configured separately in browser policy and/or autoconfig.js
local-zone: "use-application-dns.net." always_nxdomain
# One of the most prevalent trackers, also the most blocked one.
local-zone: "google-analytics.com." always_refuse
# Theoretically breaks nothing as clients should handle it.
# https://aminda.eu/matrix/#why-do-you-use-matrix-uri-scheme-instead-of-matrixto
# https://matrix.to/#/!KMbEUhVQHLwZHmwzKX:matrix.org/$jvB1PAivkIzRKQdlU_KFAtyPW_8Gv9o5tygud_09CRY?via=pikaviestin.fi&via=grin.hu&via=tchncs.de
local-zone: "matrix.to." always_refuse
# A lot of apps integrating Facebook in any form on mobile call this domain
# in particular, likely websites too.
local-zone: "graph.facebook.com." always_refuse
## APPLIANCE/CAPTIVE PORTAL DOMAINS
# Search these through host or dig to another server instead!
# Fritz router/modem default search domain and control panel.
local-zone: "fritz.box." always_refuse
# Netgear
#local-zone: "mywifiext.net." always_refuse
# TP-Link
#local-zone: "tplinkrepeater.net." always_refuse
# ASUS
#local-zone: "router.asus.com." always_refuse
# Norwegian planes
#local-zone: "norwegianwifi.com." always_refuse
# vim: filetype=unbound.conf