Prehistory

Gluttonous bind9

I had a couple of years ago to leave his home and move to another city. As a result, I had to leave my self-assembly media center, and to buy the set-top box AuraHD Plus at a new place. Not a bad device for your money, especially if you consider that it has built-in applications for accessing movie services, etc.

All would be nothing, but advertising there turns on every sneeze. I had to invent how to cut it. My first thought was to raise my DNS server and send all objectionable domains to / dev / null to 127.0.0.1. By this time my home server returned to me and took its place of honor on the cabinet as a NAS server.

No sooner said than done. Raised Bind9, configured configs for several domains, everything is fine. We fly.

After a couple of weeks, the thought occurred to me, why not use this method to filter ads for all devices at home? The case is not tricky.

Searching lists with advertising domains led me to several urls and I took them to parse. Somewhere in the vastness of Habr there was an article that helped me with parsing and writing scripts for generating configs for Bind9 (thanks to the author, but I could not find the link, let me forgive).

Everything is done and it's time to start Bind9. Start and everything is fine. Except one. This voracious monster ate all the RAM and asked for a swap. 5 gigabytes of memory for 400 thousand domains!

Pointing this way to my poor Intel Atom server, I decided that this was not the case.

PowerDNS Migration

Googling and studying other options, I came to the conclusion that Bind9 is not exactly what you need. We need a server that is easier in terms of resources, and could be able to shovel so many domains.

PowerDNS came up to the article, because he can read Bind9 configs himself and use them in his work. Put, set up (actually there is no difficulty in this) backend Bind9 launched.

The result exceeded all expectations - 700 MB of consumed memory after 5 gigabytes! Is this not a dream? Especially with only 4 GB in the server. :)

This has worked for several months until I wondered if the Bind9 configs are nice, but the start of PowerDNS is really quite slow. The time for the "absorption" of all domains is obscenely large and it is worth somehow to optimize this process.

From optimization it was necessary to infuse only all these domains with advertising in MySQL. This would allow more flexible management of the list of domains, add, delete, maintain their internal domains.

Rolled up the sleeves and started. It turned out to be quite simple - zone2sql solves all the problems :) It remained to wrap all this in a docker and pick it up. Made pretty quickly and without any problems.

So it flies already half a year at home and happy. But today there was an article on Habré about the ad-blocker for Samsung smartphones and I was offered to give out my share in open access in the comments.

Well, I share.

Dependencies

docker

Since all this is spinning inside the docker containers, we will need this thing 100%. All actions are related to Ubuntu Linux, because I use it at home and at work.

It is installed according to the documentation quite simply:

curl -sSL https://get.docker.com/ | sh 

After the script is completed, the docker will be ready and can be used.

If you prefer a different installation method, you can always refer to the documentation and choose what you like.

docker-compose

Docker Compose is designed for planning and organizing processes in Docker containers (starting, shutting down, creating intercontainer connections and volumes, etc.).

Installation is no more difficult than the docker itself:

 curl -L "https://github.com/docker/compose/releases/download/1.8.1/docker-compose-$(uname -s)-$(uname -m)" > /usr/local/bin/docker-compose chmod +x /usr/local/bin/docker-compose 

Run your own ad filter

Clone the repository

Logical action and does not need, perhaps, an explanation of why it should be done. :)

 sudo mkdir /opt/docker sudo chown <user> /opt/docker git clone https://github.com/DmitriyLyalyuev/powerdns-no-ads /opt/docker/pdns cd /opt/docker/pdns 

Create a database

 docker-compose up -d mysql 

Database user

To access the server's MySQL console, do the following:

 docker exec -ti pdns_mysql_1 mysql -u root -p 

The default password for the root user is 12345.

Create a user and database:

 CREATE USER 'powerdns_user'@'%' IDENTIFIED BY 'powerdns'; GRANT ALL PRIVILEGES ON powerdns.* TO 'powerdns_user'@'%'; CREATE DATABASE powerdns; exit 

We start the DNS server

 docker-compose up -d 

Updating ad domain lists

To update the lists, run:

 docker exec -ti pdns_pdns_1 bash cd /etc/powerdns/bind ./getnewlist.sh && ./import.sh && ./clean.sh exit 

White listing

The list for excluding domains is located at the top of the /opt/docker/pdns/powerdns-server/bind/getnewlist.sh file.

Use, experiment and let's make the Internet cleaner. At least at home. ;)