Block ads, malware, tracking + more on systems running Unbound as a resolver.
This project is based on UnboundBL and like it depends on Unbound DNS to blackhole undesired content. unhBlock has been written with maintainability in mind.
- Add, download and parse blocklist URLs
- Add, download and parse whitelist URLs
- Redirect to user defined IP address (i.e. pixelserv)
- Redirect to user defined CNAME record (i.e. pixelserv)
- Confirm valid Unbound configuration
- Optionally reload Unbound configuration
Use OPNsense branch.
- Drop unhBlock in
/usr/home - Drop sample action file in
/usr/local/opnsense/service/conf/actions - Edit action definition as needed
- Drop blacklist sources file in
var/unhBlock/ - Drop whiltelist sources file in
/var/unhBlock - Reload configd
service configd restart - Test action
configctl unhBlock start
For best results redirect all domains found in blocklists to a host on your
network using a PixelServ via the -b/--blackhole flag.
Optionally redirect unwanted traffic employing a CNAME record via --type CNAME option and parameter.
For my own personal configuration, I redirect all traffic to a PixelServ that is
reachable only via a Traefik router to support SSL.
Feel free to inspect the [sample service file][pixel-service] and Traefik
config.
The sample lists in this repository were created based user recommendations.
BSD-3-Clause
Carlos Hernandez | e-mail